Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!ucbvax!NUSVM.BITNET!GBOPOLY1 From: GBOPOLY1@NUSVM.BITNET (fclim) Newsgroups: comp.sys.apollo Subject: Re: su Message-ID: <8907011447.AA05257@umix.cc.umich.edu> Date: 1 Jul 89 14:47:26 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 52 X-Unparsable-Date: Sat, 01 Jul 89 09:48:31 SST "It is better to keep your mouth shut and let people think you're a fool than to open it and remove all doubts." I have done it this time; it's confirmed -- I'm a fool. Yesterday, I wrote > In article <8906291414.AA04731@lnic1.hprc.uh.edu> Andrew M. Wescott > writes > > >So what is wrong with having to belong to group "wheel" in > >order to su root? I miss the point entirely. Let the sysadm > >add whoever to wheel from edrgy, give them the password, and > >be done with it. > > Say what? We are talking about su, Andrew, ability to turn into > Superuser > in a single bound. We might as well give root's passwd to selected > people > and let them use login instead of su. What am I talking about? Of course, you have to give away the passwd to allow them to su to root. But, Andrew, *don't* put those selected few in the same group as "wheel" I have created 2 accounts for myself. Using edacct, I add fclim (per) staff (proj) cc (org) and fclim (per) sys_admin (proj) none (org) in that order. Normally, when I log in, it will be fclim.staff.cc which is an ordinary account. When I test out ideas (via shell scripts or otherwise), I will not accidently delete system files. After certifying these scripts to be bug free, I logs in as fclim.sys_admin to run the scripts as sysadmin Adding users to "wheel" group will give these users power to edit/delete files owned by root. If foo has the permission modes rwxr-xr-x root (owner) wheel (group) then these users will not be able to edit/delete foo. However, if we have for bar rwxrwxr-x root (owner) wheel (group) then bar may be accidently deleted. The users need not su to root to edit/delete bar. Have a happy 4th of July. fclim --- gbopoly1 % nusvm.bitnet @ cunyvm.cuny.edu computer centre singapore polytechnic dover road singapore 0513.