Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: pianoman1976
pianoman1976 Author
User level: Level 1
104 points

Wheel Group

I have noticed a trend that when on very seldom occasion some strangeness is going on with my system - the wheel group keeps popping up. This group seems to have unrestricted access - therefore I associate it as being a threat. I'm wondering what the normal ops standard is with this group. Is it normal to see this group throughout my system?

Is it normal that all downloaded files have wheel group permissions set?

"One cannot log into a machine remotely via telnet as root (unless root has no password), and therefore users who wish to obtain root access remotely must first log in as a normal user and then use su to gain root access. By restricting wheel access you can therefore reduce the probability that a compromised account will result in an intruder obtaining privileged access via the network."

How do I restrict wheel access?

Message was edited by: pianoman1976

iMac 2.4 GHz Intel Core 2 Duo, 4 GB SDRAM, Mac OS X (10.5.6)

Posted on Jan 3, 2009 11:42 AM

Reply
39 replies
User profile for user: baltwo
baltwo
User level: Level 9
62,362 points

Jan 10, 2009 11:57 AM in response to pianoman1976

Before updating to 10.5.6, get a bootable, external HD (preferably FireWire, since it's 40-50% faster than USB 2 and designed for data transfers), make a bootable backup/clone before updating/upgrading, and ensure that it's bootable and works like the original. That allows you to revert to the previous good state without having to reinstall anything. See these for details:

http://docs.info.apple.com/article.html?artnum=106941
http://www.macmaps.com/upgradefaq.html
http://www.macmaps.com/backup.html
http://www.thexlab.com/faqs/installswupdates.html
http://www.thexlab.com/faqs/backuprecovery.html
Reply
User profile for user: Community User
Community User

Jan 22, 2009 2:41 PM in response to pianoman1976

You should fix the wheel issue for your home directory.

Go into Terminal and type this command: *sudo chmod -RN ~*

Than, boot off your Install DVD and choose Reset Password. Than find "Reset Home Directory Permissions and ACLs"

That should fix the permissions.
Reply
User profile for user: pianoman1976
pianoman1976 Author
User level: Level 1
104 points

Jan 22, 2009 2:53 PM in response to Community User

sudo chgrp -v -R staff ~/ seems to work just fine.

I have a few questions about your recommendation. I was familiar with sudo chmod -RN, but the way I learned it was to include a folder after -RN /

I don't know much about unix. So I gather the '~' takes care of all folders? If not, what does it do?

Doesn't sudo chmod -RN not only clear ACL's but also give the user full permissions control?

I too am somewhat familiar with the Reset Password ACL fix you mentioned using the Install DVD. What is purpose of doing sudo chmod -RN before doing this?

Message was edited by: pianoman1976
Reply
User profile for user: Community User
Community User

Jan 22, 2009 2:56 PM in response to pianoman1976

The ~ represents your home folder. You do not want to remove ACLs outside of it, plust that is where you are still having issues.

*sudo chmod -RN ~* will recursively remove ACLs in your home folder.

As for doing both, I'm not sure exactly what you did, but the command removes ACLs, and than the DVD utility will set the permissions to how they should be.
Reply

Wheel Group

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up