Bug 14464 - newgrp does not honor group passwords
Summary: newgrp does not honor group passwords
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: util-linux
Version: 6.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Elliot Lee
QA Contact:
: 63975 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2000-07-22 17:56 UTC by Victor J. Orlikowski
Modified: 2007-04-18 16:27 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2001-07-17 19:11:29 UTC

Attachments (Terms of Use)

Description Victor J. Orlikowski 2000-07-22 17:56:09 UTC
When using newgrp, shadow passwords (for both users and groups), and MD5
encrypted passwords, users trying to enter a group with a valid group
password are denied entry to the group.

Comment 1 Elliot Lee 2001-07-17 19:11:22 UTC
Looking into just removing newgrp altogether, since it is setuid root and seems
to have all the usefulness of a colecovision binary...

Comment 2 Elliot Lee 2001-08-26 22:06:39 UTC
WONTFIX - people seemed to complain rather vehemently about removing newgrp
altogether, and it appears to be way too much work to fix newgrp to work with
PAM to handle the gshadow passwords.

Comment 3 Elliot Lee 2002-04-22 21:31:27 UTC
*** Bug 63975 has been marked as a duplicate of this bug. ***

Comment 4 David Tonhofer 2004-05-30 18:18:31 UTC
Just confirming weirdo newgrp behaviour in RedHat Fedora 2.0

Actually IMHO what happens is:

1) gpasswd writes crypted (not md5) password to /etc/gshadow
2) newgrp tries to read crypted password form /etc/group

Indeed, manual copy-and-paste of the crypted password from /etc/gshadow
to /etc/group yields the expected newgrp behaviour, i.e. the password
is recognized. 

Comment 5 David Tonhofer 2004-05-30 19:20:25 UTC
Cross-reference: please also see bug


for the 'latest' in this saga.

Note You need to log in before you can comment on or make changes to this bug.