On Wed, Dec 08, 2021 at 01:50:47PM +0100, Lennart Poettering wrote:
So here's what I'd suggest: let's define a group (my
suggestion: let's
repurpose "wheel" for that) that has the effect that the passwords of
any user in it are also accepted as password for the root user,
My working real-world security knowledge is dangerously out of date so I will
defer to others on the proposal itself, but: yes, we already treat wheel
membership as "able to escalate to root", and it seems sane to reuse.
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader