|Summary:||/usr/bin/chage too privileged|
|Product:||[Retired] Red Hat Linux||Reporter:||Chris Evans <chris>|
|Component:||shadow-utils||Assignee:||David Lawrence <dkl>|
|Status:||CLOSED WONTFIX||QA Contact:|
|Version:||6.0||CC:||abartlet, gafton, notting|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||1999-08-30 02:16:59 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Chris Evans 1999-08-24 20:06:16 UTC
/usr/bin/chage is suid root. It runs fine "sgid shadow", proving /etc/shadow is group shadow and group readable. Principle of least privilege is violated. It is a fairly trivial enhancement. It could be implemented along with making /sbin/pwdb_chkpwd "sgid shadow" too. Two less suid root binaries, can't be bad can it?
Comment 1 Cristian Gafton 1999-08-30 02:16:59 UTC
That means that the /etc directory will have to be writeable by the shadow group, because that's wehere the lcok files are created. Making the whole /etc writeable for the shadow group is not a small price to pay for this :-(
Comment 2 Andrew Bartlett 2000-11-19 01:19:47 UTC
Why would the shadow group need locking? Certainly many of the shadow utilities don't use locks, including chage as far as I can tell. pwdb_pwchck also appears not to use locks, so this should actualy be pretty painless. I think that this is somting thats actualy worth implementing, as RedHat has been getting better re set-uid utilites, this would nail another couple.