Path: utzoo!attcan!uunet!ncrlnk!ncrcae!hubcap!gatech!uflorida!ukma!cwjcc!hal!ncoast!allbery From: allbery@ncoast.UUCP (Brandon S. Allbery) Newsgroups: comp.unix.wizards Subject: Re: Need to use newgrp or equivalent Message-ID: <12896@ncoast.UUCP> Date: 11 Nov 88 00:09:07 GMT References: <514@voodoo.UUCP> <1843@cbnews.ATT.COM> Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery) Followup-To: comp.unix.wizards Distribution: na Organization: Cleveland Public Access UN*X, Cleveland, Oh Lines: 27 As quoted from <1843@cbnews.ATT.COM> by lml@cbnews.ATT.COM (L. Mark Larsen): +--------------- | Assuming you are using the standard /bin/sh, turning on the setuid bit | of /bin/newgrp is unlikely to have any impact since the newgrp command | is a built-in command (also built-in in ksh). Without further details, | it is hard to say what might be the problem. Suffice it to say that | newgrp works fine in SysV UNIX. +--------------- newgrp is built into the shell, yes... but only so that the shell will exec it instead of forking. It DOES require root privileges to change your gid (BSD equivalent: add entries to your group vector) for the same reason it takes root privileges to change your uid. Assuming non-BSD groups, make sure the group line in /etc/groups doesn't have a password. "newgrp" enforces passwords, although there is no way to set them aside from kluging with "passwd" and "vipw". (Note that group passwords are generally considered to be "fake security", i.e. they don't really buy you anything security-wise.) ++Brandon -- Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X uunet!hal.cwru.edu!ncoast!allbery ncoast!allbery@hal.cwru.edu allberyb@skybridge.sdi.cwru.edu allbery@uunet.uu.net comp.sources.misc is moving off ncoast -- please do NOT send submissions direct Send comp.sources.misc submissions to comp-sources-misc@.