From owner-cvs-usrbin Sun Feb 23 08:55:19 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id IAA18275 for cvs-usrbin-outgoing; Sun, 23 Feb 1997 08:55:19 -0800 (PST) Received: (from eivind@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id IAA18262; Sun, 23 Feb 1997 08:55:17 -0800 (PST) Date: Sun, 23 Feb 1997 08:55:17 -0800 (PST) From: Eivind Eklund Message-Id: <199702231655.IAA18262@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/rdist expand.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk eivind 97/02/23 08:55:16 Branch: usr.bin/rdist RELENG_2_2 Modified: usr.bin/rdist expand.c Log: YAMFC (Remove buffer overflow) Revision Changes Path 1.4.2.1 +9 -4 src/usr.bin/rdist/expand.c From owner-cvs-usrbin Sun Feb 23 15:44:09 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA10123 for cvs-usrbin-outgoing; Sun, 23 Feb 1997 15:44:09 -0800 (PST) Received: (from joerg@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA10116; Sun, 23 Feb 1997 15:44:07 -0800 (PST) Date: Sun, 23 Feb 1997 15:44:07 -0800 (PST) From: Joerg Wunsch Message-Id: <199702232344.PAA10116@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/rdist defs.h docmd.c server.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk joerg 97/02/23 15:44:05 Branch: usr.bin/rdist RELENG_2_2 Modified: usr.bin/rdist defs.h docmd.c server.c Log: Un-break RELENG_2_2 again. Sigh, it used to be un-broken for just some 3 hours or so only. :-( Forgotten-by: eiind Revision Changes Path 1.4.2.1 +2 -1 src/usr.bin/rdist/defs.h 1.6.2.1 +2 -2 src/usr.bin/rdist/docmd.c 1.5.2.1 +3 -3 src/usr.bin/rdist/server.c From owner-cvs-usrbin Sun Feb 23 17:40:45 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA16375 for cvs-usrbin-outgoing; Sun, 23 Feb 1997 17:40:45 -0800 (PST) Received: from time.cdrom.com (root@time.cdrom.com [204.216.27.226]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA16359; Sun, 23 Feb 1997 17:40:32 -0800 (PST) Received: from time.cdrom.com (jkh@localhost [127.0.0.1]) by time.cdrom.com (8.8.5/8.6.9) with ESMTP id RAA23447; Sun, 23 Feb 1997 17:40:27 -0800 (PST) To: Joerg Wunsch cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/rdist defs.h docmd.c server.c In-reply-to: Your message of "Sun, 23 Feb 1997 15:44:07 PST." <199702232344.PAA10116@freefall.freebsd.org> Date: Sun, 23 Feb 1997 17:40:27 -0800 Message-ID: <23443.856748427@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > joerg 97/02/23 15:44:05 > > Branch: usr.bin/rdist RELENG_2_2 > Modified: usr.bin/rdist defs.h docmd.c server.c > Log: > Un-break RELENG_2_2 again. Sigh, it used to be un-broken for just > some 3 hours or so only. :-( I'm glad I'm running those nightly 2.2-GAMMA snaps; I get notification the instant the build falls over. :-) Jordan From owner-cvs-usrbin Mon Feb 24 11:55:55 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id LAA12270 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 11:55:55 -0800 (PST) Received: from nic.follonett.no (nic.follonett.no [194.198.43.10]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA12203; Mon, 24 Feb 1997 11:54:23 -0800 (PST) Received: (from uucp@localhost) by nic.follonett.no (8.8.5/8.8.3) with UUCP id UAA19397; Mon, 24 Feb 1997 20:51:10 +0100 (MET) Received: from oo7 (oo7.dimaga.com [192.0.0.65]) by dimaga.com (8.8.5/8.7.2) with SMTP id UAA25987; Mon, 24 Feb 1997 20:53:35 +0100 (MET) Message-Id: <3.0.32.19970224205334.00a92660@dimaga.com> X-Sender: eivind@dimaga.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Mon, 24 Feb 1997 20:53:35 +0100 To: Joerg Wunsch From: Eivind Eklund Subject: Re: cvs commit: src/usr.bin/rdist defs.h docmd.c server.c Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk At 03:44 PM 2/23/97 -0800, Joerg Wunsch wrote: >joerg 97/02/23 15:44:05 > > Branch: usr.bin/rdist RELENG_2_2 > Modified: usr.bin/rdist defs.h docmd.c server.c > Log: > Un-break RELENG_2_2 again. Sigh, it used to be un-broken for just > some 3 hours or so only. :-( > > Forgotten-by: eivind My apologies to everybody affected by this. *blush* I'll try (very hard) to make sure it doesn't happen again. Eivind Eklund perhaps@yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org From owner-cvs-usrbin Mon Feb 24 12:32:29 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA15863 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 12:32:29 -0800 (PST) Received: (from guido@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA15843; Mon, 24 Feb 1997 12:32:27 -0800 (PST) Date: Mon, 24 Feb 1997 12:32:27 -0800 (PST) From: Guido van Rooij Message-Id: <199702242032.MAA15843@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/su su.1 su.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk guido 97/02/24 12:32:27 Modified: usr.bin/su su.1 su.c Log: When group wheel is empty, allow everyone to su to root. This has normally no conseqeunces as we ship with a non-empty wheel. Closes PR/1882 Submitted by: Arne Henrik Juul Revision Changes Path 1.8 +4 -3 src/usr.bin/su/su.1 1.18 +3 -2 src/usr.bin/su/su.c From owner-cvs-usrbin Mon Feb 24 12:40:43 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA16406 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 12:40:43 -0800 (PST) Received: (from wollman@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA16399; Mon, 24 Feb 1997 12:40:41 -0800 (PST) Date: Mon, 24 Feb 1997 12:40:41 -0800 (PST) From: Garrett Wollman Message-Id: <199702242040.MAA16399@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/netstat mbuf.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk wollman 97/02/24 12:40:41 Modified: usr.bin/netstat mbuf.c Log: Use the new sysctl(3) interface to mbuf statistics rather than groveling about in kmem. Revision Changes Path 1.6 +19 -7 src/usr.bin/netstat/mbuf.c From owner-cvs-usrbin Mon Feb 24 12:59:06 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA17452 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 12:59:06 -0800 (PST) Received: (from wollman@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA17443; Mon, 24 Feb 1997 12:59:04 -0800 (PST) Date: Mon, 24 Feb 1997 12:59:04 -0800 (PST) From: Garrett Wollman Message-Id: <199702242059.MAA17443@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/systat mbufs.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk wollman 97/02/24 12:59:04 Modified: usr.bin/systat mbufs.c Log: Use new sysctl(3) interface to mbuf statistics. While we're at it, count free mbufs correctly. Revision Changes Path 1.5 +45 -21 src/usr.bin/systat/mbufs.c From owner-cvs-usrbin Mon Feb 24 14:46:44 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA25350 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 14:46:44 -0800 (PST) Received: from sequent.kiae.su (sequent.kiae.su [193.125.152.6]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id OAA25317; Mon, 24 Feb 1997 14:45:29 -0800 (PST) Received: by sequent.kiae.su id AA25514 (5.65.kiae-2 ); Tue, 25 Feb 1997 01:25:19 +0300 Received: by sequent.KIAE.su (UUMAIL/2.0); Tue, 25 Feb 97 01:25:17 +0300 Received: (from ache@localhost) by nagual.ru (8.8.5/8.8.5) id BAA01507; Tue, 25 Feb 1997 01:09:10 +0300 (MSK) Date: Tue, 25 Feb 1997 01:09:04 +0300 (MSK) From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= To: Guido van Rooij Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: <199702242032.MAA15843@freefall.freebsd.org> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 24 Feb 1997, Guido van Rooij wrote: > guido 97/02/24 12:32:27 > > Modified: usr.bin/su su.1 su.c > Log: > When group wheel is empty, allow everyone to su to root. This has normally > no conseqeunces as we ship with a non-empty wheel. I disagree. Some sysadmins intentionally make it empty to disallow 'su' and allow only root login from console. Also implicit defaults in this way can be potential hole. Direct list of users here shows better who currently have access than empty default with unknown users list, please back it out. -- Andrey A. Chernov http://www.nagual.ru/~ache/ From owner-cvs-usrbin Mon Feb 24 14:52:56 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA25791 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 14:52:56 -0800 (PST) Received: (from ache@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA25784; Mon, 24 Feb 1997 14:52:54 -0800 (PST) Date: Mon, 24 Feb 1997 14:52:54 -0800 (PST) From: "Andrey A. Chernov" Message-Id: <199702242252.OAA25784@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/calendar/calendars/ru_SU.KOI8-R calendar.common Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 97/02/24 14:52:53 Modified: usr.bin/calendar/calendars/ru_SU.KOI8-R calendar.common Log: Holiday renamed Should go into 2.2 Revision Changes Path 1.5 +2 -2 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.common From owner-cvs-usrbin Mon Feb 24 15:11:08 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA27037 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 15:11:08 -0800 (PST) Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA26724; Mon, 24 Feb 1997 15:08:50 -0800 (PST) Received: (from danny@localhost) by panda.hilink.com.au (8.8.5/8.7.3) id KAA05423; Tue, 25 Feb 1997 10:17:10 +1100 (EST) Date: Tue, 25 Feb 1997 10:17:09 +1100 (EST) From: "Daniel O'Callaghan" To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= cc: Guido van Rooij , CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 25 Feb 1997, =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= wrote: > On Mon, 24 Feb 1997, Guido van Rooij wrote: > > > guido 97/02/24 12:32:27 > > > > Modified: usr.bin/su su.1 su.c > > Log: > > When group wheel is empty, allow everyone to su to root. This has normally > > no conseqeunces as we ship with a non-empty wheel. > > I disagree. Some sysadmins intentionally make it empty to disallow 'su' > and allow only root login from console. Also implicit defaults in this way > can be potential hole. Direct list of users here shows better who > currently have access than empty default with unknown users list, please > back it out. What about an explicit entry for 'everyone'? e.g. wheel:*:0:* I'd much rather have people actively decide to allow su access than passively allow it. Danny From owner-cvs-usrbin Mon Feb 24 15:28:27 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA28752 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 15:28:27 -0800 (PST) Received: from veda.is (ubiq.veda.is [193.4.230.60]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA28636; Mon, 24 Feb 1997 15:27:59 -0800 (PST) Received: (from adam@localhost) by veda.is (8.8.4/8.7.3) id XAA27438; Mon, 24 Feb 1997 23:39:56 GMT From: Adam David Message-Id: <199702242339.XAA27438@veda.is> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from "[______ ______]" at "Feb 25, 97 01:09:04 am" To: ache@nagual.ru (=?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?=) Date: Mon, 24 Feb 1997 23:39:55 +0000 (GMT) Cc: guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL31 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > guido 97/02/24 12:32:27 > > > > Modified: usr.bin/su su.1 su.c > > Log: > > When group wheel is empty, allow everyone to su to root. This has normally > > no conseqeunces as we ship with a non-empty wheel. [Andrey] > I disagree. Some sysadmins intentionally make it empty to disallow 'su' > and allow only root login from console. Also implicit defaults in this way > can be potential hole. Direct list of users here shows better who > currently have access than empty default with unknown users list, please > back it out. Please leave it as it is now. If you make root the only member of wheel, that gives the behaviour that you seek. This is naturally intuitive. wheel:*:0:root,... #named users can su wheel:*:0:root #"only root can su" wheel:*:0: #anyone can su The 3rd line is "anyone" because "noone" would be equivalent to the 2nd line, since root (by definition) can always su. Sorry if I didn't state it clearly, it is really obvious though. Adam From owner-cvs-usrbin Mon Feb 24 16:45:31 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA05265 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 16:45:31 -0800 (PST) Received: (from mpp@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA05258; Mon, 24 Feb 1997 16:45:28 -0800 (PST) Date: Mon, 24 Feb 1997 16:45:28 -0800 (PST) From: Mike Pritchard Message-Id: <199702250045.QAA05258@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/calendar/calendars calendar.birthday Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk mpp 97/02/24 16:45:27 Modified: usr.bin/calendar/calendars calendar.birthday Log: Add the date of Carl Sagan's death, since we list his birthday. Obtained from: NetBSD PR# 3235 Revision Changes Path 1.5 +2 -1 src/usr.bin/calendar/calendars/calendar.birthday From owner-cvs-usrbin Mon Feb 24 17:20:38 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA07557 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 17:20:38 -0800 (PST) Received: (from mpp@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA07550; Mon, 24 Feb 1997 17:20:34 -0800 (PST) Date: Mon, 24 Feb 1997 17:20:34 -0800 (PST) From: Mike Pritchard Message-Id: <199702250120.RAA07550@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/calendar/calendars calendar.birthday calendar.history calendar.holiday calendar.music Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk mpp 97/02/24 17:20:33 Modified: usr.bin/calendar/calendars calendar.birthday calendar.history calendar.holiday calendar.music Log: Added calendar entries from OpenBSD and NetBSD that we were missing. Revision Changes Path 1.6 +11 -7 src/usr.bin/calendar/calendars/calendar.birthday 1.7 +3 -1 src/usr.bin/calendar/calendars/calendar.history 1.7 +4 -2 src/usr.bin/calendar/calendars/calendar.holiday 1.7 +2 -1 src/usr.bin/calendar/calendars/calendar.music From owner-cvs-usrbin Mon Feb 24 17:58:16 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA09883 for cvs-usrbin-outgoing; Mon, 24 Feb 1997 17:58:16 -0800 (PST) Received: (from mpp@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA09873; Mon, 24 Feb 1997 17:58:14 -0800 (PST) Date: Mon, 24 Feb 1997 17:58:14 -0800 (PST) From: Mike Pritchard Message-Id: <199702250158.RAA09873@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/calendar/calendars calendar.all calendar.birthday calendar.christian calendar.computer calendar.croatian calendar.german calendar.history calendar.holiday calendar.judaic calendar.music calendar.russian calendar.usholiday calendar.world src/usr.bin/calendar/calendars/de_DE.ISO_8859-1 calendar.all calendar.feiertag calendar.geschichte calendar.kirche calendar.literatur calendar.musik calendar.wissenschaft src/usr.bin/calendar/calendars/hr_HR.ISO_8859-2 calendar.all calendar.praznici src/usr.bin/calendar/calendars/ru_SU.KOI8-R calendar.all calendar.common calendar.msk calendar.orthodox calendar.pagan Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk mpp 97/02/24 17:58:12 Branch: usr.bin/calendar/calendars RELENG_2_2 usr.bin/calendar/calendars/de_DE.ISO_8859-1 RELENG_2_2 usr.bin/calendar/calendars/hr_HR.ISO_8859-2 RELENG_2_2 usr.bin/calendar/calendars/ru_SU.KOI8-R RELENG_2_2 Modified: usr.bin/calendar/calendars calendar.all calendar.birthday calendar.christian calendar.computer calendar.croatian calendar.german calendar.history calendar.holiday calendar.judaic calendar.music calendar.russian calendar.usholiday calendar.world usr.bin/calendar/calendars/de_DE.ISO_8859-1 calendar.all calendar.feiertag calendar.geschichte calendar.kirche calendar.literatur calendar.musik calendar.wissenschaft usr.bin/calendar/calendars/hr_HR.ISO_8859-2 calendar.all calendar.praznici usr.bin/calendar/calendars/ru_SU.KOI8-R calendar.all calendar.common calendar.msk calendar.orthodox calendar.pagan Log: YAMFC: sync up all of the calendars with -current. Revision Changes Path 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/calendar.all 1.2.2.1 +12 -7 src/usr.bin/calendar/calendars/calendar.birthday 1.4.2.1 +2 -2 src/usr.bin/calendar/calendars/calendar.christian 1.2.2.1 +1 -1 src/usr.bin/calendar/calendars/calendar.computer 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/calendar.croatian 1.2.4.1 +1 -1 src/usr.bin/calendar/calendars/calendar.german 1.3.2.2 +3 -1 src/usr.bin/calendar/calendars/calendar.history 1.4.2.1 +4 -2 src/usr.bin/calendar/calendars/calendar.holiday 1.2.2.1 +1 -1 src/usr.bin/calendar/calendars/calendar.judaic 1.4.2.1 +2 -1 src/usr.bin/calendar/calendars/calendar.music 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/calendar.russian 1.4.2.1 +1 -1 src/usr.bin/calendar/calendars/calendar.usholiday 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/calendar.world 1.2.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.all 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.feiertag 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.geschichte 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.kirche 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.literatur 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.musik 1.3.4.1 +1 -1 src/usr.bin/calendar/calendars/de_DE.ISO_8859-1/calendar.wissenschaft 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/hr_HR.ISO_8859-2/calendar.all 1.2.4.1 +1 -1 src/usr.bin/calendar/calendars/hr_HR.ISO_8859-2/calendar.praznici 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.all 1.2.2.1 +2 -2 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.common 1.2.2.1 +1 -1 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.msk 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.orthodox 1.1.4.1 +1 -1 src/usr.bin/calendar/calendars/ru_SU.KOI8-R/calendar.pagan From owner-cvs-usrbin Tue Feb 25 13:37:20 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA18286 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 13:37:20 -0800 (PST) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA18271; Tue, 25 Feb 1997 13:37:01 -0800 (PST) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id WAA08174; Tue, 25 Feb 1997 22:36:25 +0100 (MET) From: Guido van Rooij Message-Id: <199702252136.WAA08174@gvr.win.tue.nl> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from Daniel O'Callaghan at "Feb 25, 97 10:17:09 am" To: danny@panda.hilink.com.au (Daniel O'Callaghan) Date: Tue, 25 Feb 1997 22:36:25 +0100 (MET) Cc: ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > What about an explicit entry for 'everyone'? > e.g. wheel:*:0:* > > I'd much rather have people actively decide to allow su access than > passively allow it. There are no wldcards allowed in the forup member field. -Guido From owner-cvs-usrbin Tue Feb 25 13:38:21 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA18327 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 13:38:21 -0800 (PST) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA18322; Tue, 25 Feb 1997 13:38:07 -0800 (PST) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id WAA08200; Tue, 25 Feb 1997 22:37:54 +0100 (MET) From: Guido van Rooij Message-Id: <199702252137.WAA08200@gvr.win.tue.nl> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from =?ISO-8859-1?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= at "Feb 25, 97 01:09:04 am" To: ache@nagual.ru (=?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?=) Date: Tue, 25 Feb 1997 22:37:54 +0100 (MET) Cc: guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk áÎÄÒÅÊ þÅÒÎÏ× wrote: > On Mon, 24 Feb 1997, Guido van Rooij wrote: > > > guido 97/02/24 12:32:27 > > > > Modified: usr.bin/su su.1 su.c > > Log: > > When group wheel is empty, allow everyone to su to root. This has normally > > no conseqeunces as we ship with a non-empty wheel. > > I disagree. Some sysadmins intentionally make it empty to disallow 'su' > and allow only root login from console. Also implicit defaults in this way > can be potential hole. Direct list of users here shows better who > currently have access than empty default with unknown users list, please > back it out. > There is no other way to give everyne this functionality. Therefor I think it is a good idea...Besides, remember that the default wheel group is set with root. There is no empty default. -Guido From owner-cvs-usrbin Tue Feb 25 14:39:45 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA21232 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 14:39:45 -0800 (PST) Received: from po1.glue.umd.edu (root@po1.glue.umd.edu [129.2.128.44]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA21102; Tue, 25 Feb 1997 14:37:42 -0800 (PST) Received: from modem.eng.umd.edu (modem.eng.umd.edu [129.2.98.187]) by po1.glue.umd.edu (8.8.5/8.8.5) with ESMTP id RAA24120; Tue, 25 Feb 1997 17:37:35 -0500 (EST) Received: from localhost (chuckr@localhost) by modem.eng.umd.edu (8.8.5/8.7.3) with SMTP id RAA03991; Tue, 25 Feb 1997 17:37:34 -0500 (EST) X-Authentication-Warning: modem.eng.umd.edu: chuckr owned process doing -bs Date: Tue, 25 Feb 1997 17:37:34 -0500 (EST) From: Chuck Robey X-Sender: chuckr@modem.eng.umd.edu To: Guido van Rooij cc: "Daniel O'Callaghan" , ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: <199702252136.WAA08174@gvr.win.tue.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 25 Feb 1997, Guido van Rooij wrote: > > > > What about an explicit entry for 'everyone'? > > e.g. wheel:*:0:* > > > > I'd much rather have people actively decide to allow su access than > > passively allow it. > > > There are no wldcards allowed in the forup member field. Guido, I'm curious. Are there really (that you know of) shops that want to be so free with root privs that they don't even need to know who has them? If there is, then I guess you're justified, but I wouldn't have thought such existed. > > -Guido > ----------------------------+----------------------------------------------- Chuck Robey | Interests include any kind of voice or data chuckr@eng.umd.edu | communications topic, C programming, and Unix. 9120 Edmonston Ct #302 | Greenbelt, MD 20770 | I run Journey2 and picnic, both FreeBSD (301) 220-2114 | version 3.0 current -- and great FUN! ----------------------------+----------------------------------------------- From owner-cvs-usrbin Tue Feb 25 14:56:48 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA22105 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 14:56:48 -0800 (PST) Received: from bofh.cybercity.dk (bofh.cybercity.dk [195.8.128.254]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA21991; Tue, 25 Feb 1997 14:54:32 -0800 (PST) Received: from critter.dk.tfs.com (phk.cybercity.dk [195.8.133.247]) by bofh.cybercity.dk (8.8.3/8.7.3) with ESMTP id XAA21192; Tue, 25 Feb 1997 23:56:29 +0100 (MET) Received: from critter.dk.tfs.com (localhost [127.0.0.1]) by critter.dk.tfs.com (8.8.2/8.8.2) with ESMTP id XAA07425; Tue, 25 Feb 1997 23:57:29 +0100 (MET) To: Chuck Robey cc: Guido van Rooij , "Daniel O'Callaghan" , ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-reply-to: Your message of "Tue, 25 Feb 1997 17:37:34 EST." Date: Tue, 25 Feb 1997 23:57:29 +0100 Message-ID: <7423.856911449@critter.dk.tfs.com> From: Poul-Henning Kamp Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk In message , Chuck Robey writes: >On Tue, 25 Feb 1997, Guido van Rooij wrote: > >> > >> > What about an explicit entry for 'everyone'? >> > e.g. wheel:*:0:* >> > >> > I'd much rather have people actively decide to allow su access than >> > passively allow it. >> >> >> There are no wldcards allowed in the forup member field. > >Guido, I'm curious. Are there really (that you know of) shops that want >to be so free with root privs that they don't even need to know who has >them? If there is, then I guess you're justified, but I wouldn't have >thought such existed. It doesn't give them root-privs, it allows them to run su(1)... -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. Power and ignorance is a disgusting cocktail. From owner-cvs-usrbin Tue Feb 25 15:02:55 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA22376 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 15:02:55 -0800 (PST) Received: from po1.glue.umd.edu (root@po1.glue.umd.edu [129.2.128.44]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA22308; Tue, 25 Feb 1997 15:00:55 -0800 (PST) Received: from modem.eng.umd.edu (modem.eng.umd.edu [129.2.98.187]) by po1.glue.umd.edu (8.8.5/8.8.5) with ESMTP id SAA24943; Tue, 25 Feb 1997 18:00:50 -0500 (EST) Received: from localhost (chuckr@localhost) by modem.eng.umd.edu (8.8.5/8.7.3) with SMTP id SAA04079; Tue, 25 Feb 1997 18:00:47 -0500 (EST) X-Authentication-Warning: modem.eng.umd.edu: chuckr owned process doing -bs Date: Tue, 25 Feb 1997 18:00:47 -0500 (EST) From: Chuck Robey X-Sender: chuckr@modem.eng.umd.edu To: Poul-Henning Kamp cc: Guido van Rooij , "Daniel O'Callaghan" , ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: <7423.856911449@critter.dk.tfs.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 25 Feb 1997, Poul-Henning Kamp wrote: > In message , Chuck > Robey writes: > >On Tue, 25 Feb 1997, Guido van Rooij wrote: > > > >> > > >> > What about an explicit entry for 'everyone'? > >> > e.g. wheel:*:0:* > >> > > >> > I'd much rather have people actively decide to allow su access than > >> > passively allow it. > >> > >> > >> There are no wldcards allowed in the forup member field. > > > >Guido, I'm curious. Are there really (that you know of) shops that want > >to be so free with root privs that they don't even need to know who has > >them? If there is, then I guess you're justified, but I wouldn't have > >thought such existed. > > It doesn't give them root-privs, it allows them to run su(1)... Isn't that virtually the same thing? Oh, you mean giving them su and NOT giving them the root password ... on all systems I've worked on, you only used su to gain root privs anyways. I guess thast was my question, if such a user group existed. If you're saying it does, them I guess I'm satisfied. ----------------------------+----------------------------------------------- Chuck Robey | Interests include any kind of voice or data chuckr@eng.umd.edu | communications topic, C programming, and Unix. 9120 Edmonston Ct #302 | Greenbelt, MD 20770 | I run Journey2 and picnic, both FreeBSD (301) 220-2114 | version 3.0 current -- and great FUN! ----------------------------+----------------------------------------------- From owner-cvs-usrbin Tue Feb 25 15:06:53 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA22610 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 15:06:53 -0800 (PST) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA22584; Tue, 25 Feb 1997 15:06:21 -0800 (PST) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id AAA08462; Wed, 26 Feb 1997 00:05:46 +0100 (MET) From: Guido van Rooij Message-Id: <199702252305.AAA08462@gvr.win.tue.nl> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from Chuck Robey at "Feb 25, 97 05:37:34 pm" To: chuckr@glue.umd.edu (Chuck Robey) Date: Wed, 26 Feb 1997 00:05:46 +0100 (MET) Cc: danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Guido, I'm curious. Are there really (that you know of) shops that want > to be so free with root privs that they don't even need to know who has > them? If there is, then I guess you're justified, but I wouldn't have > thought such existed. > Yes. See the PR ;-) -Guido From owner-cvs-usrbin Tue Feb 25 15:25:25 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA23762 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 15:25:25 -0800 (PST) Received: from stox.pr.mcs.net (stox.pr.mcs.net [204.137.243.33]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA23757; Tue, 25 Feb 1997 15:25:21 -0800 (PST) Received: from localhost (localhost.stox.pr.mcs.net [127.0.0.1]) by stox.pr.mcs.net (8.8.5/8.6.12) with SMTP id RAA10468; Tue, 25 Feb 1997 17:21:14 -0600 (CST) Date: Tue, 25 Feb 1997 17:21:14 -0600 (CST) From: "Kenneth P. Stox" To: Chuck Robey cc: Guido van Rooij , CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 25 Feb 1997, Chuck Robey wrote: << text deleted >> > Guido, I'm curious. Are there really (that you know of) shops that want > to be so free with root privs that they don't even need to know who has > them? If there is, then I guess you're justified, but I wouldn't have > thought such existed. I beg to disagree. There are many shops which allow all the users of the machine(s) to have root access. Encouraging them to do so via su(1) instead of having the root password passed around is infinitely desirable. This is a far from ideal situation, but many shops choose to not invest in the administrative resources that are really necessary for the objectives they wish to achieve. Instead, many administrative tasks get spread over a group of developers, etc. In many cases I have witnessed, there may be one or more administrator/gurus within the organization performing consultation to a community of developers who have chosen to share responsibilities on the machine. In these situations, it would be in the best interests of all to make su(1) as "easy" as possible. The number one enemy I have confronted when I have worked in such an environment is not from hackers, but the developer with root privileges who makes a "harmless" configuration change. The change is not made maliciously. Typically, such behaviors involve machines which are not in a machine room. The glass wall does have its advantages at times. :-) -Ken Stox ken@stox.pr.mcs.net From owner-cvs-usrbin Tue Feb 25 15:45:31 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA25074 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 15:45:31 -0800 (PST) Received: from proxy1.ba.best.com (root@proxy1.ba.best.com [206.184.139.12]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA25066; Tue, 25 Feb 1997 15:45:20 -0800 (PST) Received: from bsampley.vip.best.com (bsampley.vip.best.com [206.184.160.196]) by proxy1.ba.best.com (8.8.5/8.8.3) with SMTP id PAA13700; Tue, 25 Feb 1997 15:34:58 -0800 (PST) Date: Tue, 25 Feb 1997 15:33:33 -0800 (PST) From: Burton Sampley To: Guido van Rooij cc: Chuck Robey , danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: <199702252305.AAA08462@gvr.win.tue.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Wed, 26 Feb 1997, Guido van Rooij wrote: > > Guido, I'm curious. Are there really (that you know of) shops that want > > to be so free with root privs that they don't even need to know who has > > them? If there is, then I guess you're justified, but I wouldn't have > > thought such existed. > > > > > Yes. See the PR ;-) > > -Guido > I have to take a minute to through in my 2 cents here. After working in the EDP Audit Department for a major bank in the US, the thought of a co. not knowing who has access to root privs is a little frightening. What's the co.'s reasoning for this kind of setup? I would hope it's *NOT* a mission critical, production box. Email: bsampley@best.com Alternate Email: bsampley@haywire.csuhayward.edu Home Page: http://www.best.com/~bsampley From owner-cvs-usrbin Tue Feb 25 16:22:32 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA28033 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 16:22:32 -0800 (PST) Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA27982; Tue, 25 Feb 1997 16:22:05 -0800 (PST) Received: (from msmith@localhost) by genesis.atrad.adelaide.edu.au (8.8.5/8.7.3) id KAA19615; Wed, 26 Feb 1997 10:49:19 +1030 (CST) From: Michael Smith Message-Id: <199702260019.KAA19615@genesis.atrad.adelaide.edu.au> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from Burton Sampley at "Feb 25, 97 03:33:33 pm" To: burton@bsampley.vip.best.com (Burton Sampley) Date: Wed, 26 Feb 1997 10:49:19 +1030 (CST) Cc: guido@gvr.win.tue.nl, chuckr@glue.umd.edu, danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Burton Sampley stands accused of saying: > > I have to take a minute to through in my 2 cents here. After working in > the EDP Audit Department for a major bank in the US, the thought of a co. > not knowing who has access to root privs is a little frightening. What's > the co.'s reasoning for this kind of setup? I would hope it's *NOT* a > mission critical, production box. It's the day for sharing ideas 8) I've put muddy footprints on a goodly number of *nix shop floors around here, and they fall into a number of different groups with regard to root access. You have 'secure' shops, that usually have an experienced *nix admin and run a tight show. There are procedures for things and stuff is controlled and (if the admin is any good) things generally go smoothly. There are 'fossil' shops, where the *nix machine(s) were set up by an employee that has subsequently left, or were bought and never looked after. Everyone logs in as root. I bill these people double 8) Then you have sites where the *nix machines are used by people that are generally technically competent, but don't have the time or the motivation to go overboard with administration. We run one here, and I do quite a bit of on-the-side support for a number of other sites with similar arrangements. In these situations, it may be handy to reduce the protection on the root account to just its password, so I'd go along with the above suggestion, as long as it's clearly documented in the relevant manual pages. (su and group at least) Many of these _are_ 'mission-critical' production systems, but they're in situations where the employees are already in a position of trust, and generally don't have the sort of management and admins that you find in the financial sector. (Cue Dilbert xref) -- ]] Mike Smith, Software Engineer msmith@gsoft.com.au [[ ]] Genesis Software genesis@gsoft.com.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control. (ph) +61-8-8267-3493 [[ ]] Unix hardware collector. "Where are your PEZ?" The Tick [[ From owner-cvs-usrbin Tue Feb 25 16:30:11 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA28557 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 16:30:11 -0800 (PST) Received: (from mpp@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA28392; Tue, 25 Feb 1997 16:25:36 -0800 (PST) From: Mike Pritchard Message-Id: <199702260025.QAA28392@freefall.freebsd.org> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c To: burton@bsampley.vip.best.com (Burton Sampley) Date: Tue, 25 Feb 1997 16:25:36 -0800 (PST) Cc: guido@gvr.win.tue.nl, chuckr@glue.umd.edu, danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org In-Reply-To: from "Burton Sampley" at Feb 25, 97 03:33:33 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Burton Sampley wrote: > > I have to take a minute to through in my 2 cents here. After working in > the EDP Audit Department for a major bank in the US, the thought of a co. > not knowing who has access to root privs is a little frightening. What's > the co.'s reasoning for this kind of setup? I would hope it's *NOT* a > mission critical, production box. Let's review how things work again: If a user is a member of group wheel, and they know the root password, they can su to root. If only root is a member of group wheel, then no one can su to root, even if they know the root password. If group wheel has no members, then anyone who knows the root password can su to root. -- Mike Pritchard mpp@FreeBSD.org "Go that way. Really fast. If something gets in your way, turn" From owner-cvs-usrbin Tue Feb 25 17:34:14 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA02667 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 17:34:14 -0800 (PST) Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id RAA02431; Tue, 25 Feb 1997 17:29:16 -0800 (PST) Received: by halloran-eldar.lcs.mit.edu; (5.65v3.2/1.1.8.2/19Aug95-0530PM) id AA16071; Tue, 25 Feb 1997 20:26:47 -0500 Date: Tue, 25 Feb 1997 20:26:47 -0500 From: Garrett Wollman Message-Id: <9702260126.AA16071@halloran-eldar.lcs.mit.edu> To: Poul-Henning Kamp Cc: Chuck Robey , Guido van Rooij , "Daniel O'Callaghan" , ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: <7423.856911449@critter.dk.tfs.com> References: <7423.856911449@critter.dk.tfs.com> Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk < said: >> Guido, I'm curious. Are there really (that you know of) shops that want >> to be so free with root privs that they don't even need to know who has >> them? If there is, then I guess you're justified, but I wouldn't have >> thought such existed. > It doesn't give them root-privs, it allows them to run su(1)... No. It allows them to run su(1) to become root. To become another ordinary user, wheel group membership has never been required. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, ANA, or NSA| - Susan Aglukark and Chad Irschick From owner-cvs-usrbin Tue Feb 25 20:21:25 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id UAA13300 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 20:21:25 -0800 (PST) Received: from alpha.xerox.com (alpha.Xerox.COM [13.1.64.93]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA12979; Tue, 25 Feb 1997 20:18:53 -0800 (PST) Received: from crevenia.parc.xerox.com ([13.2.116.11]) by alpha.xerox.com with SMTP id <15633(7)>; Tue, 25 Feb 1997 20:18:12 PST Received: from localhost by crevenia.parc.xerox.com with SMTP id <177476>; Tue, 25 Feb 1997 20:18:03 -0800 To: Chuck Robey cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-reply-to: Your message of "Tue, 25 Feb 97 15:00:47 PST." Date: Tue, 25 Feb 1997 20:17:58 PST From: Bill Fenner Message-Id: <97Feb25.201803pst.177476@crevenia.parc.xerox.com> Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Chuck Robey wrote: >I guess thast was my question, >if such a user group existed. If you're saying it does, them I guess I'm >satisfied. I am a member of such a group now; % cat /etc/group wheel:*:0: and have been in other such groups in the past as well. (SunOS has the "empty-wheel-means-anyone-may-su" beahvior, and it's documented in the man page. The Sun SCCS file has only the UCB (5.4) revision in it, implying that BSD 4.2 was this way). Bill From owner-cvs-usrbin Tue Feb 25 21:07:57 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA15080 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 21:07:57 -0800 (PST) Received: from veda.is (ubiq.veda.is [193.4.230.60]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA15069; Tue, 25 Feb 1997 21:07:31 -0800 (PST) Received: (from adam@localhost) by veda.is (8.8.4/8.7.3) id FAA07685; Wed, 26 Feb 1997 05:18:43 GMT From: Adam David Message-Id: <199702260518.FAA07685@veda.is> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from Burton Sampley at "Feb 25, 97 03:33:33 pm" To: burton@bsampley.vip.best.com (Burton Sampley) Date: Wed, 26 Feb 1997 05:18:41 +0000 (GMT) Cc: guido@gvr.win.tue.nl, chuckr@glue.umd.edu, danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL31 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > I have to take a minute to through in my 2 cents here. After working in > the EDP Audit Department for a major bank in the US, the thought of a co. > not knowing who has access to root privs is a little frightening. What's > the co.'s reasoning for this kind of setup? I would hope it's *NOT* a > mission critical, production box. The thought of such a company not knowing who its users are is indeed terrible, far worse than even a root-only box (assuming non-privileged clients) unless the admins are really stupid. -- Adam David From owner-cvs-usrbin Tue Feb 25 21:31:54 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA15971 for cvs-usrbin-outgoing; Tue, 25 Feb 1997 21:31:54 -0800 (PST) Received: (from mpp@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA15964; Tue, 25 Feb 1997 21:31:53 -0800 (PST) Date: Tue, 25 Feb 1997 21:31:53 -0800 (PST) From: Mike Pritchard Message-Id: <199702260531.VAA15964@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/chpass Makefile src/usr.bin/passwd Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk mpp 97/02/25 21:31:53 Modified: usr.bin/chpass Makefile usr.bin/passwd Makefile Log: If an administrator somehow manages to break the hardlinks on chpass & passwd and turn the links into individual files with the schg flag set, make install will fail to install all of the proper links. Fixed by removing the schg flag on all of the links before installing. Closes PR# 2040. Submitted by: Ph. Charnier Revision Changes Path 1.10 +4 -2 src/usr.bin/chpass/Makefile 1.24 +5 -3 src/usr.bin/passwd/Makefile From owner-cvs-usrbin Wed Feb 26 19:52:25 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA00367 for cvs-usrbin-outgoing; Wed, 26 Feb 1997 19:52:25 -0800 (PST) Received: (from ache@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA00359; Wed, 26 Feb 1997 19:52:23 -0800 (PST) Date: Wed, 26 Feb 1997 19:52:23 -0800 (PST) From: "Andrey A. Chernov" Message-Id: <199702270352.TAA00359@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/login login.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 97/02/26 19:52:23 Modified: usr.bin/login login.c Log: Fix few bogons with pw_shell / shell variables values mismatch introduced by LOGIN_CAP Revision Changes Path 1.16 +4 -7 src/usr.bin/login/login.c From owner-cvs-usrbin Wed Feb 26 20:36:16 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id UAA02344 for cvs-usrbin-outgoing; Wed, 26 Feb 1997 20:36:16 -0800 (PST) Received: from labs.usn.blaze.net.au (labs.usn.blaze.net.au [203.17.53.30]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA02149; Wed, 26 Feb 1997 20:33:53 -0800 (PST) Received: (from davidn@localhost) by labs.usn.blaze.net.au (8.8.5/8.8.5) id PAA10699; Thu, 27 Feb 1997 15:33:32 +1100 (EST) Message-ID: <19970227153331.46240@usn.blaze.net.au> Date: Thu, 27 Feb 1997 15:33:31 +1100 From: David Nugent To: "Andrey A. Chernov" Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/login login.c References: <199702270352.TAA00359@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.61 In-Reply-To: <199702270352.TAA00359@freefall.freebsd.org>; from Andrey A. Chernov on Feb 02, 1997 at 07:52:23PM Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Feb 02, 1997 at 07:52:23PM, Andrey A. Chernov wrote: > Modified: usr.bin/login login.c > Log: > Fix few bogons with pw_shell / shell variables values mismatch > introduced by LOGIN_CAP This breaks the shell= function. "shell=" in /etc/login.conf should NOT be set in the $SHELL environment variable. This is BSDI's usage, and it should also be ours - in fact, according to our documentation it is: Extract from login.conf(5): shell prog Session shell to execute rather than the shell specified in the passwd file. The SHELL environment variable will contain the shell specified in the password file. The point of having this facility is to allow the sysadmin to run a program or script which may optionally execute the user's shell or other programs via system(). Many people over the years have had to hack login(1) to do this instead (menus, service selectors etc), and this facility makes it unnecessary to actually hack system code to achieve the desired result. In other words, "shell=" is not intended to replace the shell field in the password file, but to compliment it. I agree that the tag is poorly named. It probably should be "preshell=", "run=" or just about anything other than "shell=". Regards, David Nugent - Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/ From owner-cvs-usrbin Wed Feb 26 21:10:02 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA03605 for cvs-usrbin-outgoing; Wed, 26 Feb 1997 21:10:02 -0800 (PST) Received: (from ache@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA03573; Wed, 26 Feb 1997 21:09:59 -0800 (PST) Date: Wed, 26 Feb 1997 21:09:59 -0800 (PST) From: "Andrey A. Chernov" Message-Id: <199702270509.VAA03573@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/login login.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ache 97/02/26 21:09:59 Modified: usr.bin/login login.c Log: Back out "shell" / pw_shell change, I was confused by the same variable name (with different functionality) Revision Changes Path 1.17 +7 -4 src/usr.bin/login/login.c From owner-cvs-usrbin Fri Feb 28 11:51:44 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id LAA14927 for cvs-usrbin-outgoing; Fri, 28 Feb 1997 11:51:44 -0800 (PST) Received: (from wosch@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id LAA14914; Fri, 28 Feb 1997 11:51:42 -0800 (PST) Date: Fri, 28 Feb 1997 11:51:42 -0800 (PST) From: Wolfram Schneider Message-Id: <199702281951.LAA14914@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/mklocale/data lt_LN.ISO_8859-2.src Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk wosch 97/02/28 11:51:40 Modified: usr.bin/mklocale/data Makefile Added: usr.bin/mklocale/data lt_LN.ISO_8859-2.src Log: Add lt_LN.ISO_8859-2.src. Use '.for' loop from make(1), not sh(1) 'for' loops. Submitted by: Slaven Reziæ (Tomiæ) Revision Changes Path 1.7 +23 -10 src/usr.bin/mklocale/data/Makefile From owner-cvs-usrbin Fri Feb 28 14:44:35 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA22574 for cvs-usrbin-outgoing; Fri, 28 Feb 1997 14:44:35 -0800 (PST) Received: (from adam@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA22563; Fri, 28 Feb 1997 14:44:33 -0800 (PST) Date: Fri, 28 Feb 1997 14:44:33 -0800 (PST) From: Adam David Message-Id: <199702282244.OAA22563@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/mklocale/data Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk adam 97/02/28 14:44:32 Modified: usr.bin/mklocale/data Makefile Log: minor nit Revision Changes Path 1.8 +3 -3 src/usr.bin/mklocale/data/Makefile From owner-cvs-usrbin Fri Feb 28 14:54:55 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA23279 for cvs-usrbin-outgoing; Fri, 28 Feb 1997 14:54:55 -0800 (PST) Received: (from adam@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA23272; Fri, 28 Feb 1997 14:54:51 -0800 (PST) Date: Fri, 28 Feb 1997 14:54:51 -0800 (PST) From: Adam David Message-Id: <199702282254.OAA23272@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/mklocale/data Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk adam 97/02/28 14:54:50 Branch: usr.bin/mklocale/data RELENG_2_2 Modified: usr.bin/mklocale/data Makefile Log: added ko_KR.EUC and lt_LN.ISO_8859-2 sync with -current Revision Changes Path 1.3.2.1 +23 -9 src/usr.bin/mklocale/data/Makefile From owner-cvs-usrbin Fri Feb 28 16:28:15 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA28847 for cvs-usrbin-outgoing; Fri, 28 Feb 1997 16:28:15 -0800 (PST) Received: (from wosch@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA28830; Fri, 28 Feb 1997 16:28:12 -0800 (PST) Date: Fri, 28 Feb 1997 16:28:12 -0800 (PST) From: Wolfram Schneider Message-Id: <199703010028.QAA28830@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/colldef/data lt_LN.ISO_8859-2.src map.ISO_8859-2 Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk wosch 97/02/28 16:28:11 Modified: usr.bin/colldef/data Makefile Added: usr.bin/colldef/data lt_LN.ISO_8859-2.src map.ISO_8859-2 Log: Add generic colldef for ISO-8859-2. Submitted by: Slaven Reziæ (Tomiæ) Use '.for' loop from make(1), not sh(1) 'for' loops. Revision Changes Path 1.8 +28 -15 src/usr.bin/colldef/data/Makefile From owner-cvs-usrbin Fri Feb 28 17:19:35 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA01931 for cvs-usrbin-outgoing; Fri, 28 Feb 1997 17:19:35 -0800 (PST) Received: (from adam@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA01924; Fri, 28 Feb 1997 17:19:33 -0800 (PST) Date: Fri, 28 Feb 1997 17:19:33 -0800 (PST) From: Adam David Message-Id: <199703010119.RAA01924@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/colldef/data Makefile Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk adam 97/02/28 17:19:32 Branch: usr.bin/colldef/data RELENG_2_2 Modified: usr.bin/colldef/data Makefile Log: added 8859-2 stuff from -current Revision Changes Path 1.3.2.2 +28 -15 src/usr.bin/colldef/data/Makefile From owner-cvs-usrbin Sat Mar 1 04:57:19 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA04087 for cvs-usrbin-outgoing; Sat, 1 Mar 1997 04:57:19 -0800 (PST) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id EAA04071; Sat, 1 Mar 1997 04:57:10 -0800 (PST) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id NAA18763; Sat, 1 Mar 1997 13:56:13 +0100 (MET) From: Guido van Rooij Message-Id: <199703011256.NAA18763@gvr.win.tue.nl> Subject: Re: cvs commit: src/usr.bin/su su.1 su.c In-Reply-To: from Burton Sampley at "Feb 25, 97 03:33:33 pm" To: burton@bsampley.vip.best.com (Burton Sampley) Date: Sat, 1 Mar 1997 13:56:13 +0100 (MET) Cc: chuckr@glue.umd.edu, danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Burton Sampley wrote: > > I have to take a minute to through in my 2 cents here. After working in > the EDP Audit Department for a major bank in the US, the thought of a co. > not knowing who has access to root privs is a little frightening. What's > the co.'s reasoning for this kind of setup? I would hope it's *NOT* a > mission critical, production box. > It isn't. Further, you should notice that with the default setup that FreeBSD ships with, only root is allowed to su. So you explicitly have to enable this `feature'. -Guido From owner-cvs-usrbin Sat Mar 1 10:02:51 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA23162 for cvs-usrbin-outgoing; Sat, 1 Mar 1997 10:02:51 -0800 (PST) Received: (from wosch@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA23155; Sat, 1 Mar 1997 10:02:48 -0800 (PST) Date: Sat, 1 Mar 1997 10:02:48 -0800 (PST) From: Wolfram Schneider Message-Id: <199703011802.KAA23155@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/login login.c Sender: owner-cvs-usrbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk wosch 97/03/01 10:02:47 Modified: usr.bin/login login.c Log: Include copyright message from Revision Changes Path 1.18 +4 -5 src/usr.bin/login/login.c