-----BEGIN PGP SIGNED MESSAGE----- On Mon, 25 Oct 1999, Philip Thiem wrote:
> Brad wrote: > > The way wheel works is that any user can use su, but only users in the > > wheel group are allowed to su to root (uid 0). Your suggestion will not > > let any user besides those in adm use su at all (which may be what you > > want). > > > > The programs that don't support wheel then are ones that don't have the > > code for checking the group membership. > > I would recommend secure-su then. > and used in the configuration file > root:ALL EXCEPT GROUP [wheel|adm] DENY With the pamization of potato, IIRC you can just plug a wheel-group pam module into the regular potato su. Of course, this doesn't help immediately if you're staying with slink ;) - -- finger for PGP public key. -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBOBaMc77M/9WKZLW5AQG6zQP/QaFxJZxQKTRLWgOrZlFYlVVRLDakKXIP C/tuK4JDu/nySSwC+qA5lXnDpFCSbxXfO+Hm9xMgQAKa/+nqTWhvkC5RU4zPt1fK 0OTsa+EX2RB8KRQDrtd3QdJ5aj/gRTMTvm/VpUdkCrSqrnXg0k07BkcXzeQR3RkC PTAevyLWTWo= =nEyz -----END PGP SIGNATURE-----
