What demons or programs should be in the 'wheel' group, you mentioned?
I mean those that are in the passwd file.
(I have RH5.2)
>To expand slightly on the above answer: if you log in as root nobody
>else can know who logged in as root. It is true that if you can log
>nto a shared account such as 'guest', and obtain a shell, you can
>su to root and nobody can know who you are. But the existence of
>such an account is proof of the naivete of the system administrator,
>whereas the root account necessarily exists.
>A secure system will have a 'wheel' group. su will have group
>execute permission for that group, and will not be world-executable.
>Therefore, even a person who has managed to snoop the root password
>will not be able to su or log in as root without obtaining direct
>physical access to the machine. So although you say you can su from
>guest', that is not necessarily the case. On an Internet-connected
>system, if you can do it and are not in 'wheel', there is a security
>hole which the sysadmin should fix.
These are the two reasons. To identify in the log the person who
obtained root, and to make it possible to prevent unauthorized
people from doing so remotely, even when they know the password.
-
To unsubscribe from this list: send the line "unsubscribe linux-net"
in
the body of a message to [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
