Date: Tue, 3 Apr 2001 03:13:29 -0500 From: Mike Meyer <mwm@mired.org> To: "Aaron Hill" <hillaa@hotmail.com> Cc: questions@freebsd.org, trond@ramstind.gtf.ol.no Subject: Re: Is there an equivalent of newgrp in FreeBSD? Message-ID: <15049.34345.325736.372823@guru.mired.org> In-Reply-To: <132676056@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
Aaron Hill <hillaa@hotmail.com> types: > >The command newgrp exists on SysV inspired systems such as RISC/os and Red > >Hat GNU/Linux. Its purpose is to change the effective gid of the user > >running the command. The user may choose only from the groups he/she is a > >member of. > >What is the BSD equivalent, if any? > There is none that I know of. I've just come back from a week of Solaris > training and on the course it was explained that Sys V only allow a user to > be a member of one group at any one time, so the newgrp program was > necessary to swap the user to another group when required. In BSD a user can > be a member of several groups (maximum 32?) *concurrently* so there is no > need for this type of program. I thought they'd fixed that in SysV as well. In any case, BSD still has a distinguished group - that's what the various gid calls works on. It's the one that's fooled with by setgid programs, for instance. The only place I've seen it matter is that it's the one logged for accounting purposes. Elsewhere, programs should check the entire group list, not just the gid. If you need to do group accounting, you might want something like the newgrp command. Writing such is not hard, but if you're not careful you can lose a groups permissions. Which is why negative security (setting group permissions on a file to ---, then cramming people into that group to keep them out) is a bad idea. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15049.34345.325736.372823>