Re: History ...: [RFC] disabled root account / distinct group for users with administrative privileges

To: debian-devel@lists.debian.org
Subject: Re: History ...: [RFC] disabled root account / distinct group for users with administrative privileges
From: Simon McVittie <smcv@debian.org>
Date: Sun, 24 Oct 2010 21:22:10 +0100
Message-id: <[🔎] 20101024202210.GB20212@reptile.pseudorandom.co.uk>
In-reply-to: <[🔎] 20101024090545.GA10658@debian.org>
References: <[🔎] 4CBCCC71.5010507@debian.org> <[🔎] 1287468956.18904.8.camel@tomoyo> <[🔎] 201010190948.58805.jesus.navarro@undominio.net> <[🔎] 20101020021142.GA11047@virgil.dodds.net> <[🔎] 20101020051257.GL3375@mykerinos.kheops.frmug.org> <[🔎] 87eibkfr55.fsf@windlord.stanford.edu> <[🔎] 20101021044900.GB3479@mykerinos.kheops.frmug.org> <[🔎] 87hbgfo8bs.fsf@poker.hands.com> <[🔎] 1287863081.3200.219.camel@sorbet.thuis.net> <[🔎] 20101024090545.GA10658@debian.org>

On Sun, 24 Oct 2010 at 18:05:45 +0900, Osamu Aoki wrote:
> (Let's use old "wheel" group in line with current documentations.)

That's not in line with wheel's historical use, though... historically
wheel meant "may run su(8) at all". Everyone on a GNU system has the
privileges traditionally given to the wheel group - they can su to any
other user *whose password they also know*, including root.

(The section you cited in the coreutils info page also mentions needing to
know the root password.)

The required group in this thread is "can become root by using *their own*
password, without knowing the root password" - i.e. sudo on current Debian
or admin on current Ubuntu.

    S

Reply to:

Follow-Ups:
- Re: History ...: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Osamu Aoki <osamu@debian.org>

References:
- [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Michael Biebl <biebl@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Josselin Mouette <joss@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: "Jesús M. Navarro" <jesus.navarro@undominio.net>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Steve Langasek <vorlon@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Christian PERRIER <bubulle@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Russ Allbery <rra@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Christian PERRIER <bubulle@debian.org>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Philip Hands <phil@hands.com>
- Re: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Arthur de Jong <adejong@debian.org>
- History ...: [RFC] disabled root account / distinct group for users with administrative privileges
  - From: Osamu Aoki <osamu@debian.org>

Prev by Date: Bug#601277: ITP: drupal6-mod-openid-provider -- openid_provider modules for Drupal 6
Next by Date: Re: bind runs apt-cache during shutdown????
Previous by thread: History ...: [RFC] disabled root account / distinct group for users with administrative privileges
Next by thread: Re: History ...: [RFC] disabled root account / distinct group for users with administrative privileges
Index(es):
- Date
- Thread