super user clone & x-server disabling
John_L_Jones at Dell.com
Fri Aug 23 18:39:01 CDT 2002
Thanks for the clarification Phil. I was out in left field (out past the
backstop on this one...)
I wonder if RH 7.3 somehow does utilize the wheel group since there is a
wheel group created after
install in /etc/group....
From: Philip Rowlands [mailto:phr at doc.ic.ac.uk]
Sent: Friday, August 23, 2002 4:54 PM
To: linux-poweredge at exchange.dell.com
Subject: RE: super user clone & x-server disabling
On Fri, 23 Aug 2002 John_L_Jones at dell.com wrote:
>I may be way out in left field on this but...
>On other Unix systems, you can add a user to the wheel group and then
>be able to function as root, but with a user name.
>Anyone correct me if I am wrong with this. I *believe* this is how it works
No. The wheel group is just a convention for "trusted users". It gives
no special privileges other than those the sysadmin chooses to bestow by
chgrp'ing files to wheel. RH73 ships with no such files.
For example, a common security measure is to put /bin/su in the wheel
group, then "chmod 4750 /bin/su". This can also be done to utilities
not usually SUID root, e.g. tcpdump.
There is no other magic that would allow a non-root wheel member to
chown files, manipulate network interfaces, bypass file permissions etc.
Linux-PowerEdge mailing list
Linux-PowerEdge at dell.com
Please read the FAQ at http://lists.us.dell.com/faq or search the list
archives at http://lists.us.dell.com/htdig/
More information about the Linux-PowerEdge