Sergey wrote:
I do realise that, however setting "wheel group" security option
to /etc/pam.d/su has always been considered enough. For years. Until the
USERMODE port, supposed to make the authentication process EASIER, has made
the whole system vulnerable.
Why should I know that system-config-users has opened a security hole?
If you restrict only su to using the wheel group using pam none of the
other programs which perform authentication is affected which includes
system-config-users. If you want 'wheel' group support against other
such programs feel free to file a request for enhancement against the
particular packages preferably with patches.
regards
Rahul
