Zsh Mailing List Archive
Messages sorted by:
Reverse Date,
Date,
Thread,
Author
Re: newgrp
- X-seq: zsh-users 551
- From: David Chamont <chamont@xxxxxxxxxxxxxxx>
- To: Zoltan Hidvegi <hzoli@xxxxxxxxxx>
- Subject: Re: newgrp
- Date: Thu, 12 Dec 1996 15:06:15 +0100
- Cc: zsh-users@xxxxxxxxxxxxxxx
- Organization: X-LPNHE
- References: <199612121344.OAA10133@xxxxxxxxxxxxxxxxx>
- Sender: chamont@xxxxxxxxxxxxxxx
>
> That's because on Unix systems superuser privileges are required to change
> the primary group id. There is nothing in zsh which would prevent changing
> the GID parameter. If it fails it fails because the OS refused change it.
> Of course some trickery with chgrp and setgid might also help but on secure
> systems normal users have no write access to suid mounted filesystems.
> Also secure systems does not use HP, or if ther use, they definitely do not
> keep suid newgrp since a root exploit was posted recently to bugtraq using
> HP's newgrp (where you can find one or two HP root exploits every week so
> if you subscribe it will not be difficult to install the missing newgrp on
> your machine).
>
It is probably not the best solution, but I went around the lack of
newgrp command by writing the following script, and then asked my
administrator to change the owner to root and mode to 4755,
and finally add the alias newgrp='exec newgrp'.
At least it works !
--------------------------------------------
#!/usr/local/bin/zsh
accord=non
for g in `groups` ; do
if [[ $g = "$1" ]] ; then
group=`ypcat group | grep "^${1}:"`
GID=${${group%:*}##*:}
fi
done
EUID=$UID
exec zsh
--------------------------------------------
Thanks to the people who respond to my question and helped
me find out this solution.
==========================================================================
David Chamont - LPNHE
chamont@xxxxxxxxxxxxxxx
Ecole Polytechnique
01.69.33.44.04
91128 Palaiseau - France
http://polhp5.in2p3.fr:8000/~chamont/
Messages sorted by:
Reverse Date,
Date,
Thread,
Author