QA

In Chapter 28, "Command-Line System Administration," I learned about cron. Using the find commands in this chapter, can I create a cron task that automatically searches for new SUID or SGID binaries periodically?

Yes, this is an ideal use of the cron system and shell scripting, and a good exercise to help you learn the ins and outs of both.

I have read other Linux security guides on the Web that recommend securing the su command by editing a file in the /etc/pam.d directory. What's the difference between implementing wheel using permissions and implementing wheel using PAM?

The su command can be used to become any user for whom you have a valid password, not just the root user. The /etc/pam.d method of restricting su access allows only members of wheel to become the root user, but regular users can still use su to become other regular users, provided that they have the correct passwords. The permissions-based method discussed in this chapter puts the su command completely off limits to everyone but members of wheela more secure solution altogether, and without major drawbacks because legitimate uses of su by non-wheel members are rare.