From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-17764-mason-zsh=primenet.com.au@sunsite.dk>
Received: (qmail 7437 invoked from network); 4 Oct 2002 19:30:29 -0000
Received: from sunsite.dk (130.225.247.90)
  by ns1.primenet.com.au with SMTP; 4 Oct 2002 19:30:29 -0000
Received: (qmail 4359 invoked by alias); 4 Oct 2002 19:30:18 -0000
Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm
Precedence: bulk
X-No-Archive: yes
X-Seq: 17764
Received: (qmail 4339 invoked from network); 4 Oct 2002 19:30:16 -0000
Date: Fri, 4 Oct 2002 14:30:13 -0500
From: Dan Nelson <dnelson@allantgroup.com>
To: Frank v Waveren <fvw@var.cx>
Cc: zsh-workers@sunsite.dk
Subject: Re: [PATCH] Allow gid 0 in compaudit
Message-ID: <20021004193012.GA33584@dan.emsphone.com>
References: <1033747042SCQ.fvw@jareth.var.cx>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1033747042SCQ.fvw@jareth.var.cx>
X-OS: FreeBSD 5.0-CURRENT
X-message-flag: Outlook Error
User-Agent: Mutt/1.5.1i

In the last episode (Oct 04), Frank v Waveren said:
> Attached is a patch to have compaudit (called by compaudit) not
> complain about directories owned by wheel, is there any chance of
> having it applied? I can't think of any systems where gid 0 can't be
> trusted...

Lots of users can be in wheel; on BSD systems you can't su to root
unless you're in wheel.  A group-writable directory with a gid of wheel
is in the "iffy" category.  I'd lean toward leaving the warning as is.

-- 
	Dan Nelson
	dnelson@allantgroup.com