diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2013-02-08 14:14:00 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2013-02-08 14:14:00 +0000 |
commit | 30c4fc7cf9350cb561bc93e3068b046a6c06120e (patch) | |
tree | cffcd5089e54fc87679d9c16b2338d52dbd4332d /usr.bin | |
parent | 5b2acfeca51d39d46173af7b39485eb87213855b (diff) | |
download | src-test2-30c4fc7cf9350cb561bc93e3068b046a6c06120e.tar.gz src-test2-30c4fc7cf9350cb561bc93e3068b046a6c06120e.zip |
Notes
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/newgrp/newgrp.1 | 13 | ||||
-rw-r--r-- | usr.bin/newgrp/newgrp.c | 3 |
2 files changed, 13 insertions, 3 deletions
diff --git a/usr.bin/newgrp/newgrp.1 b/usr.bin/newgrp/newgrp.1 index 44ab9fd56583..463558410a91 100644 --- a/usr.bin/newgrp/newgrp.1 +++ b/usr.bin/newgrp/newgrp.1 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 23, 2002 +.Dd February 8, 2013 .Dt NEWGRP 1 .Os .Sh NAME @@ -90,6 +90,15 @@ A utility appeared in .At v6 . .Sh BUGS +For security reasons, the +.Nm +utility is normally installed without the setuid bit. +To enable it, run the following command: +.Bd -literal -offset indent +chmod u+s /usr/bin/newgrp +.Ed +.Pp Group passwords are inherently insecure as there is no way to stop -users obtaining the crypted passwords from the group database. +users obtaining the password hash from the group database. Their use is discouraged. +Instead, users should simply be added to the necessary groups. diff --git a/usr.bin/newgrp/newgrp.c b/usr.bin/newgrp/newgrp.c index b3f6103b3aed..9b3972e9eaf6 100644 --- a/usr.bin/newgrp/newgrp.c +++ b/usr.bin/newgrp/newgrp.c @@ -73,7 +73,8 @@ main(int argc, char *argv[]) { int ch, login; - euid = geteuid(); + if ((euid = geteuid()) != 0) + warnx("need root permissions to function properly, check setuid bit"); if (seteuid(getuid()) < 0) err(1, "seteuid"); |