diff options
author | guido <guido@FreeBSD.org> | 1997-02-24 20:32:24 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1997-02-24 20:32:24 +0000 |
commit | a174a13af3f3ab7c4603e7530a5089069d6aef33 (patch) | |
tree | 9e53cb9ff65c62c162d01056fbe40ff79a34676e | |
parent | 501901f78fe5cac979731f6066eb35d432f2fa35 (diff) | |
download | FreeBSD-src-a174a13af3f3ab7c4603e7530a5089069d6aef33.zip FreeBSD-src-a174a13af3f3ab7c4603e7530a5089069d6aef33.tar.gz |
When group wheel is empty, allow everyone to su to root. This has normally
no conseqeunces as we ship with a non-empty wheel.
Closes PR/1882
Submitted by: Arne Henrik Juul <arnej@frida.imf.unit.no>
-rw-r--r-- | usr.bin/su/su.1 | 7 | ||||
-rw-r--r-- | usr.bin/su/su.c | 5 |
2 files changed, 7 insertions, 5 deletions
diff --git a/usr.bin/su/su.1 b/usr.bin/su/su.1 index f7c6e74..0c60ec7 100644 --- a/usr.bin/su/su.1 +++ b/usr.bin/su/su.1 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)su.1 8.2 (Berkeley) 4/18/94 -.\" $Id$ +.\" $Id: su.1,v 1.7 1997/02/22 19:57:15 peter Exp $ .\" .\" this is for hilit19's braindeadness: " .Dd April 18, 1994 @@ -149,12 +149,13 @@ option as understood by most shells. Note that usually expects a single argument only; you have to quote it when passing multiple words. .Pp -Only users in group 0 (normally +Only users listed in group 0 (normally .Dq wheel ) can .Nm su to -.Dq root . +.Dq root , +unless this group is empty. .Pp By default (unless the prompt is reset by a startup file) the super-user prompt is set to diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c index 210c3ae..fa4f02a 100644 --- a/usr.bin/su/su.c +++ b/usr.bin/su/su.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94"; */ static const char rcsid[] = - "$Id: su.c,v 1.15 1997/01/13 06:39:19 davidn Exp $"; + "$Id: su.c,v 1.17 1997/01/14 09:24:09 davidn Exp $"; #endif /* not lint */ #include <sys/param.h> @@ -223,7 +223,8 @@ main(argc, argv) #endif { /* only allow those in group zero to su to root. */ - if (pwd->pw_uid == 0 && (gr = getgrgid((gid_t)0))) + if (pwd->pw_uid == 0 && (gr = getgrgid((gid_t)0)) && + gr->gr_mem && *(gr->gr_mem)) for (g = gr->gr_mem;; ++g) { if (!*g) errx(1, |