diff options
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/newgrp/newgrp.1 | 13 | ||||
-rw-r--r-- | usr.bin/newgrp/newgrp.c | 3 |
2 files changed, 13 insertions, 3 deletions
diff --git a/usr.bin/newgrp/newgrp.1 b/usr.bin/newgrp/newgrp.1 index 44ab9fd..4635584 100644 --- a/usr.bin/newgrp/newgrp.1 +++ b/usr.bin/newgrp/newgrp.1 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 23, 2002 +.Dd February 8, 2013 .Dt NEWGRP 1 .Os .Sh NAME @@ -90,6 +90,15 @@ A utility appeared in .At v6 . .Sh BUGS +For security reasons, the +.Nm +utility is normally installed without the setuid bit. +To enable it, run the following command: +.Bd -literal -offset indent +chmod u+s /usr/bin/newgrp +.Ed +.Pp Group passwords are inherently insecure as there is no way to stop -users obtaining the crypted passwords from the group database. +users obtaining the password hash from the group database. Their use is discouraged. +Instead, users should simply be added to the necessary groups. diff --git a/usr.bin/newgrp/newgrp.c b/usr.bin/newgrp/newgrp.c index b3f6103..9b3972e 100644 --- a/usr.bin/newgrp/newgrp.c +++ b/usr.bin/newgrp/newgrp.c @@ -73,7 +73,8 @@ main(int argc, char *argv[]) { int ch, login; - euid = geteuid(); + if ((euid = geteuid()) != 0) + warnx("need root permissions to function properly, check setuid bit"); if (seteuid(getuid()) < 0) err(1, "seteuid"); |