On Thu, Jul 26, 2001 at 03:46:15AM +0200, Sheldon Hearn wrote:
>
>
> On Thu, 26 Jul 2001 03:15:38 +0200, Sheldon Hearn wrote:
>
> > I've completed a pretty clean crossgrade [1] to -CURRENT and find that
> > su is broken. I thought this had been fixed.
> >
> > I have a virgin rev 1.17 /etc/pam.conf, I'm in group wheel, I built
> > world with no funky options, the su binary (built from su rev 1.39)
> > really is setuid root and yet I get the amazingly helpful error message:
> >
> > su: Sorry
>
> Found it. pam_wheel is a whore. It doesn't use getgid() or getegid(),
> but instead grovels through /etc/group manually.
>
> I'm in group wheel by virtue of the fact that my GID specified in the
> passwd file is 0. I don't have to be in /etc/group.
>
> Unless, of course, I want to su. :-)
Isn't this backwards? Code shouldn't be making assumptions about the
special meaning of numeric gids. What if you wanted to renumber gid
wheel to something else?
Kris
PGP signature
