On Tue, Oct 21, 2003 at 09:30:38AM -0700, Kris Kennaway wrote: > > Please note that there are *SEVERE* security issues with this module. > > The module is not loaded into the kernel by default and, when loaded, > > can only be used by users in the wheel group. > > Why the wheel group? Until now, the only special privilege this group > has is that users are allowed to su to root, if they knew the > password. It looks like now you've removed the root password barrier > and allow anyone in the wheel group to manipulate processes to obtain > root without a password :-)
If you don't want them getting root, don't put them in wheel? ;-) <ducks> -- Avleen Vig Systems Administrator Personal: www.silverwraith.com EFnet: irc.mindspring.com (Earthlink user access only) _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
