From 30c4fc7cf9350cb561bc93e3068b046a6c06120e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Fri, 8 Feb 2013 14:14:00 +0000 Subject: [PATCH] Print a warning if not setuid root. Document the need for the setuid bit and how to set it. Explain why it isn't set by default, and suggest simply adding users to groups instead. PR: docs/167741 MFC after: 3 weeks --- usr.bin/newgrp/newgrp.1 | 13 +++++++++++-- usr.bin/newgrp/newgrp.c | 3 ++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/usr.bin/newgrp/newgrp.1 b/usr.bin/newgrp/newgrp.1 index 44ab9fd5658..463558410a9 100644 --- a/usr.bin/newgrp/newgrp.1 +++ b/usr.bin/newgrp/newgrp.1 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 23, 2002 +.Dd February 8, 2013 .Dt NEWGRP 1 .Os .Sh NAME @@ -90,6 +90,15 @@ A utility appeared in .At v6 . .Sh BUGS +For security reasons, the +.Nm +utility is normally installed without the setuid bit. +To enable it, run the following command: +.Bd -literal -offset indent +chmod u+s /usr/bin/newgrp +.Ed +.Pp Group passwords are inherently insecure as there is no way to stop -users obtaining the crypted passwords from the group database. +users obtaining the password hash from the group database. Their use is discouraged. +Instead, users should simply be added to the necessary groups. diff --git a/usr.bin/newgrp/newgrp.c b/usr.bin/newgrp/newgrp.c index b3f6103b3ae..9b3972e9eaf 100644 --- a/usr.bin/newgrp/newgrp.c +++ b/usr.bin/newgrp/newgrp.c @@ -73,7 +73,8 @@ main(int argc, char *argv[]) { int ch, login; - euid = geteuid(); + if ((euid = geteuid()) != 0) + warnx("need root permissions to function properly, check setuid bit"); if (seteuid(getuid()) < 0) err(1, "seteuid");