|
|
Back to UserFriendly Strip Comments Index
|
Major Linux Help Please! | by MatthewDBA | 2006-09-07 13:43:15 |
|
Log in as a regular user, then su | by Stuka | 2006-09-07 13:48:10 |
|
note the user has to be in the "wheel" group | by Freakazoid | 2006-09-07 15:45:49 |
|
I thought that was only on gentoo? | by Sharku | 2006-09-07 15:48:19 |
|
it's like that on all distros | by Freakazoid | 2006-09-07 15:49:36 |
| Um, no, it's not. |
by bwkaz |
2006-09-07 16:17:42 |
LFS (which isn't actually a distro in the traditional sense, but is the basis for a lot of "one-off" distros) just compiles shadow and leaves most settings in shadow's /etc/login.defs file at their defaults. (It does not install PAM, though it does mention that if you plan on using PAM, you should go install it before installing shadow.)
Anyway, shadow's /etc/login.defs file has a parameter in it for whether /bin/su will allow users who are not members of the wheel group have access to UID 0 -- and it's off by default (so by default, everyone can su to root). ("The wheel group" is documented to be the first group in /etc/groups that has GID 0.) The permissions on /bin/su are also 4755, so all users can execute it.
(There's at least one LFS hint that mentions changing /bin/su so that its GID is some trusted group, and removing world-read and world-execute permission. Then only members of that trusted group -- and root -- can change to *any* different user. But again, it's not the default.) |
|
[ Reply ] |
|
|
[Todays Cartoon Discussion]
[News Index]
|
|
