[Midnightbsd-cvs] src [11466] trunk/usr.bin/newgrp/newgrp.c: sync newgrp with freebsd

Sat Jul 7 12:54:15 EDT 2018

Revision: 11466
          http://svnweb.midnightbsd.org/src/?rev=11466
Author:   laffer1
Date:     2018-07-07 12:54:14 -0400 (Sat, 07 Jul 2018)
Log Message:
-----------
sync newgrp with freebsd

Modified Paths:
--------------
    trunk/usr.bin/newgrp/Makefile
    trunk/usr.bin/newgrp/newgrp.1
    trunk/usr.bin/newgrp/newgrp.c

Property Changed:
----------------
    trunk/usr.bin/newgrp/newgrp.1

Modified: trunk/usr.bin/newgrp/Makefile
===================================================================

--- trunk/usr.bin/newgrp/Makefile	2018-07-07 16:53:59 UTC (rev 11465)
+++ trunk/usr.bin/newgrp/Makefile	2018-07-07 16:54:14 UTC (rev 11466)
@@ -1,4 +1,5 @@
 # $MidnightBSD$
+# $FreeBSD: stable/10/usr.bin/newgrp/Makefile 137164 2004-11-03 18:01:21Z ru $
 
 PROG=	newgrp
 DPADD=	${LIBCRYPT} ${LIBUTIL}

Modified: trunk/usr.bin/newgrp/newgrp.1
===================================================================
--- trunk/usr.bin/newgrp/newgrp.1	2018-07-07 16:53:59 UTC (rev 11465)
+++ trunk/usr.bin/newgrp/newgrp.1	2018-07-07 16:54:14 UTC (rev 11466)
@@ -1,3 +1,4 @@
+.\" $MidnightBSD$
 .\" Copyright (c) 2002 Tim J. Robbins.
 .\" All rights reserved.
 .\"
@@ -22,9 +23,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $MidnightBSD$
+.\" $FreeBSD: stable/10/usr.bin/newgrp/newgrp.1 246553 2013-02-08 14:14:00Z des $
 .\"
-.Dd May 23, 2002
+.Dd February 8, 2013
 .Dt NEWGRP 1
 .Os
 .Sh NAME
@@ -90,6 +91,15 @@
 utility appeared in
 .At v6 .
 .Sh BUGS
+For security reasons, the
+.Nm
+utility is normally installed without the setuid bit.
+To enable it, run the following command:
+.Bd -literal -offset indent
+chmod u+s /usr/bin/newgrp
+.Ed
+.Pp
 Group passwords are inherently insecure as there is no way to stop
-users obtaining the crypted passwords from the group database.
+users obtaining the password hash from the group database.
 Their use is discouraged.
+Instead, users should simply be added to the necessary groups.


Property changes on: trunk/usr.bin/newgrp/newgrp.1
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/usr.bin/newgrp/newgrp.c
===================================================================
--- trunk/usr.bin/newgrp/newgrp.c	2018-07-07 16:53:59 UTC (rev 11465)
+++ trunk/usr.bin/newgrp/newgrp.c	2018-07-07 16:54:14 UTC (rev 11466)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
 /*-
  * Copyright (c) 2002 Tim J. Robbins.
  * All rights reserved.
@@ -29,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/usr.bin/newgrp/newgrp.c 246553 2013-02-08 14:14:00Z des $");
 
 #include <sys/types.h>
 
@@ -73,7 +74,8 @@
 {
 	int ch, login;
 
-	euid = geteuid();
+	if ((euid = geteuid()) != 0)
+		warnx("need root permissions to function properly, check setuid bit");
 	if (seteuid(getuid()) < 0)
 		err(1, "seteuid");
 
@@ -151,7 +153,7 @@
 	int dbmember, i, ngrps;
 	gid_t egid;
 	struct group *grp;
-	char *ep, *pass;
+	char *ep, *pass, *cryptpw;
 	char **p;
 
 	egid = getegid();
@@ -178,8 +180,10 @@
 		}
 	if (!dbmember && *grp->gr_passwd != '\0' && getuid() != 0) {
 		pass = getpass("Password:");
-		if (pass == NULL ||
-		    strcmp(grp->gr_passwd, crypt(pass, grp->gr_passwd)) != 0) {
+		if (pass == NULL)
+			return;
+		cryptpw = crypt(pass, grp->gr_passwd);
+		if (cryptpw == NULL || strcmp(grp->gr_passwd, cryptpw) != 0) {
 			fprintf(stderr, "Sorry\n");
 			return;
 		}
@@ -190,7 +194,7 @@
 		err(1, "malloc");
 	if ((ngrps = getgroups(ngrps_max, (gid_t *)grps)) < 0) {
 		warn("getgroups");
-		return;
+		goto end;
 	}
 
 	/* Remove requested gid from supp. list if it exists. */
@@ -204,7 +208,7 @@
 		if (setgroups(ngrps, (const gid_t *)grps) < 0) {
 			PRIV_END;
 			warn("setgroups");
-			return;
+			goto end;
 		}
 		PRIV_END;
 	}
@@ -213,7 +217,7 @@
 	if (setgid(grp->gr_gid)) {
 		PRIV_END;
 		warn("setgid");
-		return;
+		goto end;
 	}
 	PRIV_END;
 	grps[0] = grp->gr_gid;
@@ -228,12 +232,12 @@
 			if (setgroups(ngrps, (const gid_t *)grps)) {
 				PRIV_END;
 				warn("setgroups");
-				return;
+				goto end;
 			}
 			PRIV_END;
 		}
 	}
-
+end:
 	free(grps);
 }
 

