On Thu, Jul 26, 2001 at 03:46:15AM +0200, Sheldon Hearn wrote:
> 
> 
> On Thu, 26 Jul 2001 03:15:38 +0200, Sheldon Hearn wrote:
> 
> > I've completed a pretty clean crossgrade [1] to -CURRENT and find that
> > su is broken.  I thought this had been fixed.
> > 
> > I have a virgin rev 1.17 /etc/pam.conf, I'm in group wheel, I built
> > world with no funky options, the su binary (built from su rev 1.39)
> > really is setuid root and yet I get the amazingly helpful error message:
> > 
> >    su: Sorry
> 
> Found it. pam_wheel is a whore.  It doesn't use getgid() or getegid(),
> but instead grovels through /etc/group manually.
> 
> I'm in group wheel by virtue of the fact that my GID specified in the
> passwd file is 0.  I don't have to be in /etc/group.
> 
> Unless, of course, I want to su. :-)

Isn't this backwards?  Code shouldn't be making assumptions about the
special meaning of numeric gids.  What if you wanted to renumber gid
wheel to something else?

Kris

PGP signature

Reply via email to