Misleading message in 'su' info document

blocke at shivan.org blocke at shivan.org
Tue Aug 19 18:51:06 UTC 2003


>
>> > In my opinion such historical baggage is harmful and should be pulled
>> > from at least Red Hat's copy of the 'su' info page.
>> >
>> > Any opinions?
>
> I am against any change. The default behavior is documented correctly.

This is not documenting a default behaviour.  This is documenting that the
 functionality is not provided at all when it is and gives an ancient rant
as an excuse why.  In my opinion if people want to preserve the rant for
historical rants it should be moved into its own file under /usr/share/doc
with a disclaimer saying its ancient information.

> The fact that one can achieve a different result has nothing to do
> specifically with su. There are a few different ways of limiting su
> privileges, one being PAM, another by removing the public execute bit of
> su and making the file group wheel.

Thus breaking user to user su for non-wheel users.  It is not the same.

> The GNU su code itself does not
> impose limits, and probably never should.

But in Red Hat it does, via pam, and should be documented as such.

- Bruce






More information about the devel mailing list