Date: Tue, 18 Jun 2002 04:59:02 +0200 From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx> To: "Dan Mahoney, System Admin" <danm@prime.gushi.org> Cc: freebsd-bugs@FreeBSD.ORG Subject: Re: misc/39382: Passwd will not work when root su's into a user. Message-ID: <20020618045902.18672413.corecode@corecode.ath.cx> In-Reply-To: <200206172010.g5HKA2Z20215@freefall.freebsd.org> References: <200206172010.g5HKA2Z20215@freefall.freebsd.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Mon, 17 Jun 2002 13:10:02 -0700 (PDT) Dan Mahoney, System Admin wrote: > > this is not true. it cannot check the effective id because this is > > always changed to 0 (suid root!). > > passwd(1) checks the login name with getlogin(). this is the only one > > and true[tm] way to support different accounts with the same UID (for > > example personalized root accounts etc). > > besides, su'ing only to change a passwd seems overkill. > Okay, so then shouldn't su -l do a setlogin()? no, as garrett already stated. see getlogin(2): there is an explicit phrase about su(1). problem is that only the session leader may set the login (or should). so you need to create a new session for su. but this doesn't work as desired because you are still using the tty of the original login. you'd need to allocate a new tty (at least) and set the new login name. cheerz simon -- /"\ http://corecode.ath.cx/#donate \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9DqH7r5S+dk6z85oRAugbAJoDC5OoKqLf4fvsbVtiY498TTHvPgCffctw ncMO+rs6Olp+vw88sXk6mGA= =FGAl -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618045902.18672413.corecode>