From owner-freebsd-bugs Mon Jun 17 19:59:18 2002 Delivered-To: freebsd-bugs@freebsd.org Received: from mailrelay2.lrz-muenchen.de (mailrelay2.lrz-muenchen.de [129.187.254.102]) by hub.freebsd.org (Postfix) with ESMTP id A7C4437B426 for ; Mon, 17 Jun 2002 19:59:13 -0700 (PDT) Received: from [10.150.180.176] by mailrelay2.lrz-muenchen.de with ESMTP; Tue, 18 Jun 2002 04:59:09 +0200 Received: from elevation.uni.stoert.net (r180177.olydorf.swh.mhn.de [10.150.180.177]) by spirit.zuhause.stoert.net (8.11.6/8.11.6) with ESMTP id g5I2x8t99167; Tue, 18 Jun 2002 04:59:08 +0200 (CEST) (envelope-from corecode@elevation.uni.stoert.net) Received: (from corecode@localhost) by elevation.uni.stoert.net (8.12.3/8.12.3/Submit) id g5I2x7XE003446; Tue, 18 Jun 2002 04:59:07 +0200 (CEST) (envelope-from corecode) Date: Tue, 18 Jun 2002 04:59:02 +0200 From: "Simon 'corecode' Schubert" To: "Dan Mahoney, System Admin" Cc: freebsd-bugs@FreeBSD.ORG Subject: Re: misc/39382: Passwd will not work when root su's into a user. Message-Id: <20020618045902.18672413.corecode@corecode.ath.cx> In-Reply-To: <200206172010.g5HKA2Z20215@freefall.freebsd.org> References: <200206172010.g5HKA2Z20215@freefall.freebsd.org> X-Mailer: Sylpheed version 0.7.8claws (GTK+ 1.2.10; i386-portbld-freebsd4.6) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=.whw)d7wy1oUB+9" Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --=.whw)d7wy1oUB+9 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Mon, 17 Jun 2002 13:10:02 -0700 (PDT) Dan Mahoney, System Admin wrote: > > this is not true. it cannot check the effective id because this is > > always changed to 0 (suid root!). > > passwd(1) checks the login name with getlogin(). this is the only one > > and true[tm] way to support different accounts with the same UID (for > > example personalized root accounts etc). > > besides, su'ing only to change a passwd seems overkill. > Okay, so then shouldn't su -l do a setlogin()? no, as garrett already stated. see getlogin(2): there is an explicit phrase about su(1). problem is that only the session leader may set the login (or should). so you need to create a new session for su. but this doesn't work as desired because you are still using the tty of the original login. you'd need to allocate a new tty (at least) and set the new login name. cheerz simon -- /"\ http://corecode.ath.cx/#donate \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News --=.whw)d7wy1oUB+9 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9DqH7r5S+dk6z85oRAugbAJoDC5OoKqLf4fvsbVtiY498TTHvPgCffctw ncMO+rs6Olp+vw88sXk6mGA= =FGAl -----END PGP SIGNATURE----- --=.whw)d7wy1oUB+9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message