[Mageia-dev] msec su for wheel
Colin Guthrie
mageia at colin.guthr.ie
Fri Dec 14 10:47:30 CET 2012
'Twas brillig, and Richard Couture at 14/12/12 01:10 did gyre and gimble:
> While teaching a class in administration of GNU Linux using Mageia I
> noted that when setting ENABLE_PAM_WHEEL_FOR_SU in msec that neither the
> group nor the permissions of the exec su were changed.
>
> [rrc at pwyr ~]$ ls -al $( which su )
> -rwsr-xr-x 1 root root 34904 Jun 9 2012 /bin/su*
>
> to my way of thinking, this option should change su as follows
> -rwsr-xr-- 1 root wheel 34904 Dec 12 2012 /bin/su*
So this would prevent user A su'ing to user B. I'm not sure that's
desired behaviour.
e.g. I quite often do "su - test" to become my test user.
The setting AFAIU only prevents users su'ing to root when not in the
wheel group, not su'ing to other users.
Col
--
Colin Guthrie
colin(at)mageia.org
http://colin.guthr.ie/
Day Job:
Tribalogic Limited http://www.tribalogic.net/
Open Source:
Mageia Contributor http://www.mageia.org/
PulseAudio Hacker http://www.pulseaudio.org/
Trac Hacker http://trac.edgewall.org/
More information about the Mageia-dev
mailing list