From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-17769-mason-zsh=primenet.com.au@sunsite.dk>
Received: (qmail 8643 invoked from network); 4 Oct 2002 21:32:46 -0000
Received: from sunsite.dk (130.225.247.90)
  by ns1.primenet.com.au with SMTP; 4 Oct 2002 21:32:46 -0000
Received: (qmail 25930 invoked by alias); 4 Oct 2002 21:32:34 -0000
Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm
Precedence: bulk
X-No-Archive: yes
X-Seq: 17769
Received: (qmail 25909 invoked from network); 4 Oct 2002 21:32:33 -0000
Date: Fri, 4 Oct 2002 23:32:28 +0200
From: Frank v Waveren <fvw@var.cx>
To: Dan Nelson <dnelson@allantgroup.com>
Cc: zsh-workers@sunsite.dk
Subject: Re: [PATCH] Allow gid 0 in compaudit
Message-ID: <1033766328YDF.fvw@jareth.var.cx>
References: <1033747042SCQ.fvw@jareth.var.cx> <20021004193012.GA33584@dan.emsphone.com> <1033763915OMK.fvw@jareth.var.cx> <1033764006QTC.fvw@jareth.var.cx> <20021004205233.GC33584@dan.emsphone.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021004205233.GC33584@dan.emsphone.com>
User-Agent: Mutt/1.3.28i

On Fri, Oct 04, 2002 at 03:52:34PM -0500, Dan Nelson wrote:
> It implies that the person knows the password, yes.  But until they
> actually su to root, they shouldn't get any extra permissions IMHO. 
> Wheel just means "I can be root if I want", not "I am root".
Not "I am root", but I'd say it's something close to the debian
'staff'. You do get a few free goodies like reading logs as the plain
user, and there are some BSD sites that run with wheel having write on
quite some things... Still, better safe than sorry I guess.

-- 
Frank v Waveren                                      Fingerprint: 0EDB 8787
fvw@[var.cx|stack.nl|dse.nl|chello.nl] ICQ#10074100     09B9 6EF5 6425 B855
Public key: hkp://wwwkeys.pgp.net/fvw@var.cx            7179 3036 E136 B85D