Question about a recent installation

Jonathan McKeown jonathan+freebsd-questions at
Tue May 6 06:10:50 UTC 2008

On Tuesday 06 May 2008 00:08, Mario Vazquez wrote:
> I have been using different Linux distributions for some years, and decided
> to give FreeBSD a try.  The install was successful, but have a question
> about how the root account is made.  Found that the root folder was created
> with the user/group privileges root:wheel.  Is not that a kind of security
> risk?  I know that usually only the account used by the administrator is
> the one, in addition to root, that belongs to the wheel group.  But also I
> know that sometimes admins get lazy and give for limited time extra
> privileges just to allow someone to do something, and that's where the
> danger can come.  Btw, that's just my opinion.

Not sure why it would be a security risk. wheel is the group for people who 
are allowed to su to root, so you should probably expect members of group 
wheel to have (or be able to get) root privs anyway.

I'm not sure whether by ``root folder'' you mean / or /root , but in either 
case the wheel group doesn't have write access, at least on my system,and 
root's umask is 022, so created files aren't writable by members of wheel 

Lazy admins, of course, are a security risk. No-one should ever be given more 
privileges than they need, and as others have pointed out, sudo is a good 
answer to this problem. (In fact the first four ports that go on every box I 
set up, before I even think about what the box is for, are www/lynx, 
sysutils/screen, ports-mgmt/portupgrade and security/sudo ).


More information about the freebsd-questions mailing list