Bug 4691 - /usr/bin/chage too privileged
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils
Hardware: All
OS: Linux
Priority: low
Severity: medium
Assigned To: David Lawrence
: Security
Depends On:
Reported: 1999-08-24 16:06 EDT by Chris Evans
Modified: 2008-05-01 11:37 EDT

Doc Type: Bug Fix
Last Closed: 1999-08-29 22:16:59 EDT

Attachments: None
Description Chris Evans 1999-08-24 16:06:16 EDT
/usr/bin/chage is suid root.
It runs fine "sgid shadow", proving /etc/shadow is group
shadow and group readable.
Principle of least privilege is violated.
It is a fairly trivial enhancement. It could be implemented
along with making /sbin/pwdb_chkpwd "sgid shadow" too. Two
fewer suid root binaries, can't be bad, can it?
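Added example, not part of the bug report and not code from shadow-utils or Red Hat: POSIX sh helpers that show the mode-bit change the reporter proposes (from suid root to sgid shadow) and check the precondition he cites, that /etc/shadow is group-readable. The demonstration at the end runs on a constructed temporary file rather than on /usr/bin/chage, and the group it passes to demote_to_sgid is the caller's own group standing in for shadow, so it runs unprivileged; on a real system the group would be shadow and the step needs root.

```shell
#!/bin/sh
# Added example, not code from the bug report, shadow-utils or Red Hat.
# POSIX sh helpers that (1) classify a binary's suid/sgid bits, (2) list
# setuid-root binaries under a directory, (3) check that a shadow file is
# group-readable, and (4) demote a binary from "suid root" to "sgid GROUP",
# the change proposed for /usr/bin/chage. Paths and groups are illustrative.

# Print suid, sgid, suid+sgid or none for FILE, using POSIX find -perm.
# -prune keeps find from descending if FILE happens to be a directory.
priv_class() {
    f=$1
    s=''
    g=''
    [ -n "$(find "$f" -prune -perm -4000 2>/dev/null)" ] && s=suid
    [ -n "$(find "$f" -prune -perm -2000 2>/dev/null)" ] && g=sgid
    case "$s$g" in
        suidsgid) echo suid+sgid ;;
        suid)     echo suid ;;
        sgid)     echo sgid ;;
        *)        echo none ;;
    esac
}

# Regular files under DIR that are setuid and owned by root: the inventory
# the reporter wants to shrink. Example use: audit_suid_root /usr/bin
audit_suid_root() {
    find "$1" -type f -user root -perm -4000 2>/dev/null | sort
}

# True (exit 0) if FILE (default /etc/shadow) has the group-read bit set,
# i.e. an "sgid shadow" process could read it without being root.
shadow_group_readable() {
    f=${1:-/etc/shadow}
    [ -n "$(find "$f" -prune -perm -040 2>/dev/null)" ]
}

# Clear the suid bit, set the sgid bit and hand FILE to GROUP.
# On a real system GROUP would be shadow and this needs root.
demote_to_sgid() {
    f=$1
    grp=$2
    chgrp "$grp" "$f" && chmod u-s,g+s "$f"
}

# Demonstration on a constructed temporary file so it runs unprivileged:
# the caller's own group (id -gn) stands in for shadow.
demo() {
    d=$(mktemp -d) || return 1
    printf '#!/bin/sh\n' > "$d/chage"
    chmod 4755 "$d/chage"
    before=$(priv_class "$d/chage")
    demote_to_sgid "$d/chage" "$(id -gn)" || return 1
    after=$(priv_class "$d/chage")
    rm -rf "$d"
    echo "before=$before after=$after"
}
demo
```

Running the script prints before=suid after=sgid for the temporary file. audit_suid_root run against a real /usr/bin or /sbin is the quickest way to count how many "suid root" binaries a system carries, and shadow_group_readable with no argument checks the real /etc/shadow, which is what makes the sgid approach viable in the first place.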
Comment 1 Cristian Gafton 1999-08-29 22:16:59 EDT
That means that the /etc directory will have to be writeable by the
shadow group, because that's where the lock files are created. Making
the whole /etc writeable for the shadow group is not a small price to
pay for this :-(
Comment 2 Andrew Bartlett 2000-11-18 20:19:47 EST
Why would the shadow group need locking? Certainly many of the shadow
utilities don't use locks, including chage as far as I can tell. pwdb_pwchck
also appears not to use locks, so this should actually be pretty painless.

I think that this is something that's actually worth implementing, as RedHat has
been getting better re set-uid utilities, this would nail another couple.
