Return to BSD News archive
Xref: sserve comp.unix.bsd.misc:73 comp.unix.bsd.freebsd.misc:1439 Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.uwa.edu.au!classic.iinet.com.au!news.uoknor.edu!news.ecn.uoknor.edu!paladin.american.edu!zombie.ncsc.mil!news.mathworks.com!gatech!howland.reston.ans.net!nntp.crl.com!pacbell.com!nntp-hub2.barrnet.net!news1.digital.com!pa.dec.com!nntpd.lkg.dec.com!leggy.zk3.dec.com!orb!spider From: spider@Orb.Nashua.NH.US (Spider Boardman) Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.freebsd.misc Subject: Re: su root: who's in group "wheel"? Date: 25 May 1995 03:08:28 GMT Organization: Duchy of Wabesylvan Obspauk Lines: 18 Message-ID: <SPIDER.95May24230828@orb.Nashua.NH.US> References: <D92p8L.3xC@midway.uchicago.edu> NNTP-Posting-Host: orb.nashua.nh.us In-reply-to: Tim Pierce's message of Wed, 24 May 1995 08:09:33 GMT In article <D92p8L.3xC@midway.uchicago.edu> Tim Pierce <twpierce@midway.uchicago.edu> writes: Tim> When you attempt to su root, it appears that su determines Tim> whether you're in group 0 by calling getgrgid, [snip] Tim> Is this a bug in getgrgid, or in su? Or is it a bug at all? Tim> (Sure looks that way to me.) That looks like a bug to me. Digital UNIX (ne DEC OSF/1) used to have that same problem. It's since changed to making a call to getgroups() and verifying that group 0 is in the set. This makes su authorisation no longer dynamic, but it does ensure the group 0 check is in sync with all the ways initgroups() can set your memberships. -- Spider Boardman (at home) spider@Orb.Nashua.NH.US The management (my cats) made me say this. ...!decvax!orb!spider