Wheel group

manmower · 2006-12-20 04:40:24

I have a very basic question about groups, I realize it's probably been answered before or elsewhere but man pages, google and searching the forum didn't come up with the information I'm looking for.

I'm wondering if there are any important (security) drawbacks to adding my user account to the wheel group. It is my understanding that the wheel group is there to regulate access to su, which everyone has by default in Arch anyways. Does it serve other purposes besides this?

I'm asking because I'd like to use the wheel group as a way to limit access to /var/abs/local. Does this make sense or is it just bad practice? Feel free to suggest alternatives.

Thanks.

toofishes · 2006-12-20 05:11:37

I use the wheel group for two purposes- limit access to sudo (which unlike su requires only a user password, not the root password), and allow writing to the abs tree at /var/abs. I do the second thing by using the sticky group bit and chgrp-ing all files and directories to wheel. I also then do a chmod g+w.
As for security concerns, I don't have a whole lot because I am the only user of my computer, not that it is a very good reason. Someone else would have to weigh in on that.

T-Dawg · 2006-12-20 11:37:55

manmower wrote:

I'm asking because I'd like to use the wheel group as a way to limit access to /var/abs/local. Does this make sense or is it just bad practice? Feel free to suggest alternatives.

honestly I'd create a new abs group then chmod and chown the directory instead. That way you won't accidently give someone too many rights by using the wheel group. Escpecially when they involve su'ing and sudoi'ng.

manmower · 2006-12-20 14:54:40

T-Dawg: thanks, that does seem to be the safer way to go. Makes me wonder why I didn't think of that myself actually. :oops:

Arch Linux

#1 2006-12-20 04:40:24

Wheel group

#2 2006-12-20 05:11:37

Re: Wheel group

#3 2006-12-20 11:37:55

Re: Wheel group

#4 2006-12-20 14:54:40

Re: Wheel group

Board footer