Bug 14464 - newgrp does not honor group passwords
newgrp does not honor group passwords
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: util-linux (Show other bugs)
6.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Elliot Lee
:
: 63975 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-07-22 13:56 EDT by Victor J. Orlikowski
Modified: 2007-04-18 12:27 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-07-17 15:11:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Victor J. Orlikowski 2000-07-22 13:56:09 EDT
When using newgrp, shadow passwords (for both users and groups), and MD5
encrypted passwords, users trying to enter a group with a valid group
password are denied entry to the group.
Comment 1 Elliot Lee 2001-07-17 15:11:22 EDT
Looking into just removing newgrp altogether, since it is setuid root and seems
to have all the usefulness of a colecovision binary...
Comment 2 Elliot Lee 2001-08-26 18:06:39 EDT
WONTFIX - people seemed to complain rather vehemently about removing newgrp
altogether, and it appears to be way too much work to fix newgrp to work with
PAM to handle the gshadow passwords.
Comment 3 Elliot Lee 2002-04-22 17:31:27 EDT
*** Bug 63975 has been marked as a duplicate of this bug. ***
Comment 4 David Tonhofer 2004-05-30 14:18:31 EDT
Just confirming weirdo newgrp behaviour in RedHat Fedora 2.0

Actually IMHO what happens is:

1) gpasswd writes crypted (not md5) password to /etc/gshadow
2) newgrp tries to read crypted password form /etc/group

Indeed, manual copy-and-paste of the crypted password from /etc/gshadow
to /etc/group yields the expected newgrp behaviour, i.e. the password
is recognized. 
Comment 5 David Tonhofer 2004-05-30 15:20:25 EDT
Cross-reference: please also see bug

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=85280

for the 'latest' in this saga.

Note You need to log in before you can comment on or make changes to this bug.