Securing-a-server.md

@@ -73,8 +73,8 @@ About the "members" group (assuming it's for a machine sitting alone on it's own
 Part 1: Basic permissions
 
 * By default, removing all perms for everyone on everything (duh!)
-* Give read access to everyone in /
-* Give execution rights to everyone for "/bin/clear"
+* Give read access to everyone in "/"
+* Give execution rights to everyone for "/bin/clear" and "/bin/sudo"
 * Create the groups and add them to users accordingly
 * Set group for /Public/ as "ftp" and give it group-level read
 * Set group for /Public/Downloads/ as "ftp" and give it (recursive) group-level read
@@ -93,7 +93,6 @@ Part 3: Advanced permissions
 * Set group for /home/ as "home" and give it group-level read  
 * Give (recursive) *!user-level!* read for child folders of /home/  
 * Set group for "/bin/ssh" as "ssh" and give it group-level execution rights
-* Set group for "/bin/sudo" as "gateway" and give it group-level execution rights
 * Set group "members" and give group-level execution rights for :  
   cd, ls, pwd, cat (File access)  
   rm, mv, cp, mkdir, rmdir, touch (File editing)