Oystein Viggen <[EMAIL PROTECTED]> writes: > * [Thomas Bushnell, BSG] > > > Yes, group 0 is the wheel group. HOW DOES THIS CAUSE A SECURITY > > ISSUE? Please be specific and not vague. > > Combined with umask 002 (suggested by yourself), this gives members of > the wheel group write access to all files created in /tmp by default, as > these files will be writable for group root. This is bad, as I don't > believe being a member of the wheel group should give access to mess > with other peoples files without actually typing in su and the root > password.
This is not a security issue. Members of the wheel group already have the power to write such files (by using su, of course). In any case, this is the basic reason why the inherit-group property probably should be restricted to inherit-only-if-i'm-a-member-of-the-group. _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
