emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

man: Don't suggest making groupmems user-writeable

Browse Source 
Suggesting mode 2770 is dangerous because it makes the binary writeable
by all members of the owning group which is supposed to be normal
end-users. Suggest 2710 instead as is usual for s[ug]id binaries,
allowing execution but neither reading nor writing.

Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
This commit is contained in:
Michael Weiser
2019-12-17 21:13:07 +01:00
parent 7f53048875
commit a73d4aee75
12 changed files with 37 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
man/po/shadow-man-pages.pot
View File

@@ -4233,12 +4233,12 @@ msgid "SETUP"
msgstr ""
#: groupmems.8.xml:181(para)
msgid "The <command>groupmems</command> executable should be in mode <literal>2770</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
msgid "The <command>groupmems</command> executable should be in mode <literal>2710</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
msgstr ""
#: groupmems.8.xml:190(programlisting)
#, no-wrap
msgid "\n\t$ groupadd -r groups\n\t$ chmod 2770 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n "
msgid "\n\t$ groupadd -r groups\n\t$ chmod 2710 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n "
msgstr ""
#: groupmems.8.xml:222(para)