Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-30 Thread Jim C
James Sparenberg wrote: I could create 100 UID 0 users on a box... which is the same thing OK then perhaps I am makeing unexplained jumps in my train of thought. windows does but root ralph admin or whatever you want to call it it's still the same.. A rose by any other name kind of thing.

Re: [expert] What is 'wheel' is it safe & how do I use it?

2002-12-29 Thread David Guntner
Jim C said: > > Really? I mean if you create an admin user can't you then restrict root > from ever logging on? What do you mean by "create an admin user?" Root is root. For some things, you've *got* to be root to make them work. As to restricting root login, that's easy. Your sshd config fi

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread James Sparenberg
I could create 100 UID 0 users on a box... which is the same thing windows does but root ralph admin or whatever you want to call it it's still the same.. A rose by any other name kind of thing. Now you can set up ssh so that you can't directly log is as root but if you remove totally the abil

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread Jim C
Well what about the su command? Can't you get full root access with it? I mean at least as much as anyone would need. Here is the thing. On a Windows XP system you can desginate administrative users. When the system detetects that there are administrative users available it automatically disa

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread James Sparenberg
Oh you can... BUT if the admin user is UID 0 then admin == root if the admin user != root and != UID 0 then the admin user doesn't have full root ability... unless you stand on your head with permissions. James On Sun, 2002-12-29 at 13:00, Jim C wrote: > Really? I mean if you create an admin u

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread Jim C
Really? I mean if you create an admin user can't you then restrict root from ever logging on? Sridhar Dhanapalan wrote: No matter what you call it, root is still UID 0 ('zero'). A cracker can simply use 'UID 0' instead of 'root'. In other words, there is no real use in renaming the root user.

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread Sridhar Dhanapalan
No matter what you call it, root is still UID 0 ('zero'). A cracker can simply use 'UID 0' instead of 'root'. In other words, there is no real use in renaming the root user. On Sun, 29 Dec 2002 01:32:45 -0800, Jim C <[EMAIL PROTECTED]> wrote: > I don't find myself particularly impressed by it the

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-29 Thread Jim C
I don't find myself particularly impressed by it then I am afraid. Specifically I am refering to the use of a standardized name for the group. I mean wouldn't it be better to create an admin group with a misleading name that sounds like it is used by a program or one that sounds like the exact

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-28 Thread James Sparenberg
You are correct... but it still leaves a lot of the other features from BSD missing. or if they do exist in Linux not working quite the same.. Don't misunderstand I'm not complaining... just noteing the difference James On Sat, 2002-12-28 at 19:47, Michael Viron wrote: > You can use lin

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-28 Thread Michael Viron
You can use linux to lock out "su" access to only the wheel group. The steps are: Change the group ownership on su to root:wheel . Next, remove execute permission from "other" on su. Michael -- Michael Viron Core System Administration Team Simple End User Linux At 04:03 PM 12/28/2002 -0800, yo

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-28 Thread Sridhar Dhanapalan
According to http://www.mandrakesecure.net/en/docs/msec.php, the wheel group only appears to be active in msec level 5 ("Paranoid"). On 28 Dec 2002 16:03:02 -0800, James Sparenberg <[EMAIL PROTECTED]> wrote: > I can tell you how it's used in BSD nix although I haven't seen it used > for much in L

Re: [expert] What is "wheel" is it safe & how do I use it?

2002-12-28 Thread James Sparenberg
I can tell you how it's used in BSD nix although I haven't seen it used for much in Linux. In BSD only users in who's primary group is wheel can su to root. All others are locked out. Groups also allow for access control to files / directories etc. One just needs to edit /etc/group to remove an

[expert] What is "wheel" is it safe & how do I use it?

2002-12-28 Thread Jim C
My understanding is that there is a group called "wheel" that allows a user to have administrative privileges. I remember trying to get it to work some time ago but I've never been successful. This may have been because of my msec setting or something but I don't know. Can anybody give me ti