On Fri, May 06, 2011 at 12:20:17PM -0300, Henrique de Moraes Holschuh wrote: > On Fri, 06 May 2011, Stanisław Findeisen wrote: > > Restricting certain privileges (like su root) to certain users only > > looks more secure than letting everyone do it... Is there any particular > > reason Debian GNU/Linux is so permissive by default?
> Beats me. I am one of those who fight to keep braindamage such as > wide-open "sudo su -" and password-less root accounts away from Debian, > so asking me about it would be moot. > File a wishlist bug against the debian-installer (if one doesn't exist > already), requesting the optional support of pam_wheel at install time. No. /etc/pam.d/su is a conffile owned by the login package; you need to file a bug there first and get the maintainers to provide a policy-compliant mechanism for configuring this change to the file. *Then* you can talk to the installer team about supporting it (if debconf doesn't already give you that automatically). But I hope the login maintainers 'wontfix' any such bug report. This is a silly edge case to spend time making configurable via the installer. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110506163733.ga17...@virgil.dodds.net
