Bill Vermillion <bv@wjv.com> wrote:

> But if a person who is not in wheel su's to a user who is in wheel,
> then they can su to root - as the system sees them as the other
> user. This means that the 'wheel' security really is nothing more
> than a 2 password method to get to root.

It is exactly that.

> If the EUID of the original invoker is checked, even if they su'ed
> to a person in wheel, then they should not be able to su to root.

No, since the EUID is also changed on su.

> I'm asking why is this permitted, or alternatively why is putting a
> user in the wheel group supposed to make things secure, when in
> reality it just makes it seem more secure - as there is only one
> more password to crack.

Well, if su could not su from a non-wheel user to a wheel user, the
user would just ssh to localhost instead. For example.

-- 
 / --- Where bots rampage, I'm there to take them down! --- \
/ ------ Where trouble arises, I'm there to cause it! ------ \
\ Where an enemy tries to frag me, victory will be mine!!!1! /
{{dup[exch{dup exec}fork =}loop}dup exec
>> http://www.ccc-offenbach.org <<

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
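The point of the reply is that su replaces the caller's identity on every hop, so su itself cannot tell whether root was reached by a wheel member or through one. What a defender can do instead is correlate the su notices that land in the auth log and reconstruct the chain per terminal. The script below is an added example, not code from this thread or from FreeBSD: the log lines are constructed, the `su: <from> to <to> on <tty>` line shape is an assumption modelled on the notice su(1) writes to syslog, and the wheel membership set is made up (a real deployment would read it from the group database).

```python
import re

# Constructed sample auth log lines (not from the thread). The
# "su: <from> to <to> on <tty>" shape is an assumption modelled on the
# notice FreeBSD's su(1) writes to syslog; adjust the regexes for other systems.
SAMPLE_LOG = """\
Mar  3 10:01:12 host su: alice to bob on /dev/pts/0
Mar  3 10:01:40 host su: bob to root on /dev/pts/0
Mar  3 10:05:02 host su: carol to root on /dev/pts/1
Mar  3 10:06:30 host su: BAD SU dave to root on /dev/pts/2
Mar  3 10:07:00 host su: dave to bob on /dev/pts/2
Mar  3 10:07:15 host su: bob to root on /dev/pts/2
"""

# Constructed wheel membership; in practice read it from /etc/group.
WHEEL = {"bob", "carol"}

SU_OK_RE = re.compile(r"\bsu: (?P<src>\S+) to (?P<dst>\S+) on (?P<tty>\S+)\s*$")
SU_BAD_RE = re.compile(r"\bsu: BAD SU (?P<src>\S+) to (?P<dst>\S+) on (?P<tty>\S+)\s*$")


def parse_su_events(text):
    """Turn su(1) syslog lines into dicts; failed attempts get ok=False."""
    events = []
    for line in text.splitlines():
        m = SU_BAD_RE.search(line)
        if m:
            events.append({**m.groupdict(), "ok": False})
            continue
        m = SU_OK_RE.search(line)
        if m:
            events.append({**m.groupdict(), "ok": True})
    return events


def find_wheel_hops(events, wheel):
    """Correlate successful su hops per tty and report every path that
    ends at root but starts from an account outside wheel.

    su only sees its immediate caller (real and effective UID are both
    replaced on each hop), so the chain is rebuilt from the log: on one
    tty, the identity named in 'src' was itself reached by some earlier
    hop, and that hop's origin is carried forward.
    """
    path_to = {}   # (tty, identity) -> list of identities leading there
    findings = []
    for ev in events:
        if not ev["ok"]:
            continue
        path = path_to.get((ev["tty"], ev["src"]), [ev["src"]]) + [ev["dst"]]
        path_to[(ev["tty"], ev["dst"])] = path
        if ev["dst"] == "root" and path[0] not in wheel and path[0] != "root":
            findings.append((ev["tty"], path))
    return findings


def report(text=SAMPLE_LOG, wheel=WHEEL):
    """Print and return the chained escalations found in the log text."""
    findings = find_wheel_hops(parse_su_events(text), wheel)
    for tty, path in findings:
        print(f"{tty}: non-wheel origin reached root via {' -> '.join(path)}")
    return findings


if __name__ == "__main__":
    report()
```

On the constructed log this flags `alice -> bob -> root` on /dev/pts/0 and `dave -> bob -> root` on /dev/pts/2, while carol's direct su stays quiet. Correlating by tty is a heuristic: as the reply points out, a user who logs in over ssh to localhost as the wheel account instead of using su produces an sshd login record rather than an su notice, so the same correlation has to take login events into account to cover that path.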