zsh-users
 help / color / mirror / code / Atom feed
From: David Chamont <chamont@polhp3.in2p3.fr>
To: Zoltan Hidvegi <hzoli@cs.elte.hu>
Cc: zsh-users@math.gatech.edu
Subject: Re: newgrp
Date: Thu, 12 Dec 1996 15:06:15 +0100	[thread overview]
Message-ID: <32B01157.24A1@polhp3.in2p3.fr> (raw)
In-Reply-To: <199612121344.OAA10133@bolyai.cs.elte.hu>

> 
> That's because on Unix systems superuser privileges are required to change
> the primary group id.  There is nothing in zsh which would prevent changing
> the GID parameter.  If it fails it fails because the OS refused change it.
> Of course some trickery with chgrp and setgid might also help but on secure
> systems normal users have no write access to suid mounted filesystems.
> Also secure systems does not use HP, or if ther use, they definitely do not
> keep suid newgrp since a root exploit was posted recently to bugtraq using
> HP's newgrp (where you can find one or two HP root exploits every week so
> if you subscribe it will not be difficult to install the missing newgrp on
> your machine).
> 

It is probably not the best solution, but I went around the lack of
newgrp command by writing the following script, and then asked my
administrator to change the owner to root and mode to 4755,
and finally add the alias newgrp='exec newgrp'.
At least it works !

          --------------------------------------------
          #!/usr/local/bin/zsh
          
          accord=non
          for g in `groups` ; do
            if [[ $g = "$1" ]] ; then
              group=`ypcat group | grep "^${1}:"`
              GID=${${group%:*}##*:}
            fi
          done
          
          EUID=$UID
          exec zsh
          --------------------------------------------

Thanks to the people who respond to my question and helped
me find out this solution.

==========================================================================
David Chamont - LPNHE                             
chamont@polhp3.in2p3.fr
Ecole Polytechnique                                        
01.69.33.44.04
91128 Palaiseau - France            
http://polhp5.in2p3.fr:8000/~chamont/


  reply	other threads:[~1996-12-12 14:31 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <32AFD799.7407@polhp3.in2p3.fr>
1996-12-12 10:17 ` newgrp Peter Stephenson
1996-12-12 13:44   ` newgrp Zoltan Hidvegi
1996-12-12 14:06     ` David Chamont [this message]
1996-12-12 14:18       ` newgrp Zoltan Hidvegi
1996-12-12 16:25         ` newgrp Richard Coleman
1996-12-11 18:29 newgrp David Chamont
1996-12-12  9:10 ` newgrp Peter Stephenson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=32B01157.24A1@polhp3.in2p3.fr \
    --to=chamont@polhp3.in2p3.fr \
    --cc=hzoli@cs.elte.hu \
    --cc=zsh-users@math.gatech.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).