From: Brooks Davis
To: Diane Bruce
Cc: "Teske, Devin", freebsd-arch@freebsd.org
Subject: Re: group(5) Group Passwords do not work
Date: Sun, 10 Feb 2013 06:08:02 -0600
Message-ID: <20130210120802.GD80454@lor.one-eyed-alien.net>
In-Reply-To: <20130208134718.GB62849@night.db.net>

On Fri, Feb 08, 2013 at 08:47:18AM -0500, Diane Bruce wrote:
> On Fri, Feb 08, 2013 at 09:47:04AM +0000, Teske, Devin wrote:
> > On Thu, 7 Feb 2013, Diane Bruce wrote:
> >
> ...
> >
> > It secretly does work -- but only for those willing to take the plunge and:
> >
> > WARNING: Not recommended unless you *must* have this functionality...
> >
> > sudo chmod u+s /usr/bin/newgrp
> >
> > NOTE: Assuming /usr/bin/newgrp is already owned by root
> >
> > See newgrp(8) for additional details.
>
> Indeed it will work if it is properly setuid root. The question was
> whether we should further deprecate it or document it. ;)

We should document the requirement to add u+s in older branches and deprecate it with the aim of removing it. It's only usable on single systems unless you are willing to put the hashes in NIS since there isn't the possibility of a group password in LDAP. Worse yet, it's probably only portable in practice with DES hashes which must be exposed to the user. Finally, even without the problem of the exposed hashes, any user (even nobody or www) can become a member of the group just by knowing the shared secret.

Users who want this functionality are probably better served with sudo and a well designed sudoers configuration. It won't have exactly the same affordances, but the affordances of newgrp are terrible.

-- Brooks
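An added audit script, not part of this thread or of FreeBSD's own tooling, that checks the two conditions the thread says make group passwords live on a host: group(5) entries carrying a usable password hash, and a setuid-root newgrp. The sample group file and its hash value are constructed; the newgrp path /usr/bin/newgrp is taken from Devin's message.

```shell
#!/bin/sh
# Audit helper (added example, not from the thread): find group(5)
# entries with a real password hash and test whether newgrp is setuid
# root, the state in which those hashes are actually honoured.

# Print the names of groups whose password field holds a hash, i.e. is
# neither empty nor a lock marker ("*" or "!"). Takes a path so it can
# be pointed at /etc/group or at a constructed sample file.
groups_with_password() {
    awk -F: '$1 !~ /^#/ && NF >= 3 && $2 != "" && $2 != "*" && $2 != "!" { print $1 }' "$1"
}

# Return 0 only if the file exists, has the setuid bit, and is owned by
# root; ls -ld is used for the owner because stat(1) flags differ
# between BSD and GNU.
newgrp_is_setuid_root() {
    [ -u "$1" ] && [ "$(ls -ld "$1" | awk '{ print $3 }')" = "root" ]
}

# Write a constructed group(5) sample to a temp file and print its path.
# The hash on the "secret" line is made up, not a real DES hash.
sample_group_file() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
wheel:*:0:root
staff::20:
operator:*:5:root
secret:aBcDeFgHiJkLm:1001:alice
EOF
    printf '%s\n' "$tmp"
}

main() {
    f=$(sample_group_file)
    echo "groups with a usable password hash:"
    groups_with_password "$f"
    rm -f "$f"
    if newgrp_is_setuid_root /usr/bin/newgrp; then
        echo "/usr/bin/newgrp is setuid root: group passwords are usable"
    else
        echo "/usr/bin/newgrp is not setuid root: group passwords are inert"
    fi
}

main "$@"
```

Run it against the real /etc/group by replacing the sample path; any group it prints has a shared secret that every local user, including nobody or www, could use if newgrp is setuid root.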