Need to use newgrp or equivalent
Brandon S. Allbery
allbery at ncoast.UUCP
Fri Nov 11 10:09:07 AEST 1988
As quoted from <1843 at cbnews.ATT.COM> by lml at cbnews.ATT.COM (L. Mark Larsen):
+---------------
| Assuming you are using the standard /bin/sh, turning on the setuid bit
| of /bin/newgrp is unlikely to have any impact since the newgrp command
| is a built-in command (also built-in in ksh). Without further details,
| it is hard to say what might be the problem. Suffice it to say that
| newgrp works fine in SysV UNIX.
+---------------
newgrp is built into the shell, yes... but only so that the shell will exec
it instead of forking. It DOES require root privileges to change your gid
(BSD equivalent: add entries to your group vector) for the same reason it
takes root privileges to change your uid.
Assuming non-BSD groups, make sure the group line in /etc/groups doesn't
have a password. "newgrp" enforces passwords, although there is no way to
set them aside from kluging with "passwd" and "vipw". (Note that group
passwords are generally considered to be "fake security", i.e. they don't
really buy you anything security-wise.)
++Brandon
--
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery <PREFERRED!> ncoast!allbery at hal.cwru.edu
allberyb at skybridge.sdi.cwru.edu <ALSO> allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
Send comp.sources.misc submissions to comp-sources-misc@<backbone>.
More information about the Comp.unix.wizards
mailing list