Date: Mon, 17 Jun 2002 04:30:06 -0700 (PDT) From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/39382: Passwd will not work when root su's into a user. Message-ID: <200206171130.g5HBU6S99125@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/39382; it has been noted by GNATS. From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx> To: Dan Mahoney <freebsdbugs@gushi.org> Cc: freebsd-gnats-submit@FreeBSD.ORG Subject: Re: misc/39382: Passwd will not work when root su's into a user. Date: Mon, 17 Jun 2002 13:20:31 +0200 --=.s,B'KT2.ZU)cx_ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Sun, 16 Jun 2002 15:48:05 -0700 (PDT) Dan Mahoney wrote: > >Description: > When root su's down to another account, even using -l to > simulate a full login, they are unable to try to use passwd (as > the user) to change their password, because passwd apparently > checks realuid, and not effectiveuid. This also breaks usermin, > which runs as a normal user, and has a password change module > that uses passwd. this is not true. it cannot check the effective id because this is always changed to 0 (suid root!). passwd(1) checks the login name with getlogin(). this is the only one and true[tm] way to support different accounts with the same UID (for example personalized root accounts etc). besides, su'ing only to change a passwd seems overkill. cheerz simon -- /"\ http://corecode.ath.cx/#donate \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News --=.s,B'KT2.ZU)cx_ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9DcYCr5S+dk6z85oRAhQ/AKDCP0w8nidBHDZdHuKl/+b3wv3MAgCg/WvT v686kER54rwKH+1DD7HQF+4= =SPWt -----END PGP SIGNATURE----- --=.s,B'KT2.ZU)cx_-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206171130.g5HBU6S99125>