svn commit: r253205 - stable/9/usr.bin/newgrp
Dag-Erling Smørgrav
des at FreeBSD.org
Thu Jul 11 12:47:07 UTC 2013
Author: des
Date: Thu Jul 11 12:47:06 2013
New Revision: 253205
URL: http://svnweb.freebsd.org/changeset/base/253205
Log:
MFH (r246553): document and explain need for setuid bit.
PR: docs/167741
Modified:
stable/9/usr.bin/newgrp/newgrp.1
stable/9/usr.bin/newgrp/newgrp.c
Directory Properties:
stable/9/usr.bin/newgrp/ (props changed)
Modified: stable/9/usr.bin/newgrp/newgrp.1
==============================================================================
--- stable/9/usr.bin/newgrp/newgrp.1 Thu Jul 11 12:46:35 2013 (r253204)
+++ stable/9/usr.bin/newgrp/newgrp.1 Thu Jul 11 12:47:06 2013 (r253205)
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd May 23, 2002
+.Dd February 8, 2013
.Dt NEWGRP 1
.Os
.Sh NAME
@@ -90,6 +90,15 @@ A
utility appeared in
.At v6 .
.Sh BUGS
+For security reasons, the
+.Nm
+utility is normally installed without the setuid bit.
+To enable it, run the following command:
+.Bd -literal -offset indent
+chmod u+s /usr/bin/newgrp
+.Ed
+.Pp
Group passwords are inherently insecure as there is no way to stop
-users obtaining the crypted passwords from the group database.
+users obtaining the password hash from the group database.
Their use is discouraged.
+Instead, users should simply be added to the necessary groups.
Modified: stable/9/usr.bin/newgrp/newgrp.c
==============================================================================
--- stable/9/usr.bin/newgrp/newgrp.c Thu Jul 11 12:46:35 2013 (r253204)
+++ stable/9/usr.bin/newgrp/newgrp.c Thu Jul 11 12:47:06 2013 (r253205)
@@ -73,7 +73,8 @@ main(int argc, char *argv[])
{
int ch, login;
- euid = geteuid();
+ if ((euid = geteuid()) != 0)
+ warnx("need root permissions to function properly, check setuid bit");
if (seteuid(getuid()) < 0)
err(1, "seteuid");
More information about the svn-src-stable-9
mailing list