man: Don't suggest making groupmems user-writeable

Suggesting mode 2770 is dangerous because it makes the binary writeable
by all members of the owning group which is supposed to be normal
end-users. Suggest 2710 instead as is usual for s[ug]id binaries,
allowing execution but neither reading nor writing.

Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
This commit is contained in:
Michael Weiser 2019-12-17 21:13:07 +01:00
parent 7f53048875
commit a73d4aee75
12 changed files with 37 additions and 37 deletions

View File

@ -46,7 +46,7 @@ Vypíše seznam členů skupiny.
Příkaz Příkaz
\fBgroupmems\fR \fBgroupmems\fR
by měl mít nastavena práva by měl mít nastavena práva
2770 2710
a měl by jej vlastnit uživatel a měl by jej vlastnit uživatel
\fIroot\fR \fIroot\fR
a skupina a skupina
@ -58,7 +58,7 @@ spravovat členství ve skupinách.
.sp .sp
.nf .nf
$ groupadd \-r groups $ groupadd \-r groups
$ chmod 2770 groupmems $ chmod 2710 groupmems
$ chown root.groups groupmems $ chown root.groups groupmems
$ groupmems \-g groups \-a gk4 $ groupmems \-g groups \-a gk4

View File

@ -180,7 +180,7 @@
<title>SETUP</title> <title>SETUP</title>
<para> <para>
The <command>groupmems</command> executable should be in mode The <command>groupmems</command> executable should be in mode
<literal>2770</literal> as user <emphasis>root</emphasis> and in group <literal>2710</literal> as user <emphasis>root</emphasis> and in group
<emphasis>groups</emphasis>. The system administrator can add users to <emphasis>groups</emphasis>. The system administrator can add users to
group <emphasis>groups</emphasis> to allow or disallow them using the group <emphasis>groups</emphasis> to allow or disallow them using the
<command>groupmems</command> utility to manage their own group <command>groupmems</command> utility to manage their own group
@ -189,7 +189,7 @@
<programlisting> <programlisting>
$ groupadd -r groups $ groupadd -r groups
$ chmod 2770 groupmems $ chmod 2710 groupmems
$ chown root.groups groupmems $ chown root.groups groupmems
$ groupmems -g groups -a gk4 $ groupmems -g groups -a gk4
</programlisting> </programlisting>

View File

@ -6980,7 +6980,7 @@ msgstr ""
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
@ -6992,7 +6992,7 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -8878,14 +8878,14 @@ msgstr "EINRICHTUNG"
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
"utility to manage their own group membership list." "utility to manage their own group membership list."
msgstr "" msgstr ""
"Die ausführbare Datei <command>groupmems</command> sollte die Rechte " "Die ausführbare Datei <command>groupmems</command> sollte die Rechte "
"<literal>2770</literal> haben und dem Benutzer <emphasis>root</emphasis> und " "<literal>2710</literal> haben und dem Benutzer <emphasis>root</emphasis> und "
"der Gruppe <emphasis>groups</emphasis> gehören. Der Systemadministrator kann " "der Gruppe <emphasis>groups</emphasis> gehören. Der Systemadministrator kann "
"Benutzer der Gruppe <emphasis>groups</emphasis> hinzufügen, um ihnen zu " "Benutzer der Gruppe <emphasis>groups</emphasis> hinzufügen, um ihnen zu "
"ermöglichen, mit <command>groupmems</command> die Mitgliederliste ihrer " "ermöglichen, mit <command>groupmems</command> die Mitgliederliste ihrer "
@ -8896,14 +8896,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -8701,14 +8701,14 @@ msgstr "CONFIGURATION"
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
"utility to manage their own group membership list." "utility to manage their own group membership list."
msgstr "" msgstr ""
"L'exécutable <command>groupmems</command> doit être installé en mode " "L'exécutable <command>groupmems</command> doit être installé en mode "
"<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> et " "<literal>2710</literal> avec pour utilisateur <emphasis>root</emphasis> et "
"pour groupe <emphasis>groups</emphasis>. L'administrateur système peut " "pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
"ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur " "ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
"permettre ou leur interdire d'utiliser <command>groupmems</command> pour " "permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
@ -8719,14 +8719,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -9254,14 +9254,14 @@ msgstr "CONFIGURAZIONE"
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
"utility to manage their own group membership list." "utility to manage their own group membership list."
msgstr "" msgstr ""
"L'eseguibile <command>groupmems</command> dovrebbe avere i permessi " "L'eseguibile <command>groupmems</command> dovrebbe avere i permessi "
"<literal>2770</literal> ed essere di proprietà di <emphasis>root</emphasis> " "<literal>2710</literal> ed essere di proprietà di <emphasis>root</emphasis> "
"e del gruppo <emphasis>groups</emphasis>. L'amministratore di sistema può " "e del gruppo <emphasis>groups</emphasis>. L'amministratore di sistema può "
"aggiungere utenti al gruppo <emphasis>groups</emphasis> per permettere loro " "aggiungere utenti al gruppo <emphasis>groups</emphasis> per permettere loro "
"di poter gestire l'elenco di membri del proprio gruppo tramite il comando " "di poter gestire l'elenco di membri del proprio gruppo tramite il comando "
@ -9272,14 +9272,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
" $ groupadd -r groups\n" " $ groupadd -r groups\n"
" $ chmod 2770 groupmems\n" " $ chmod 2710 groupmems\n"
" $ chown root.groups groupmems\n" " $ chown root.groups groupmems\n"
" $ groupmems -g groups -a gk4\n" " $ groupmems -g groups -a gk4\n"
" " " "

View File

@ -7558,7 +7558,7 @@ msgstr ""
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
@ -7570,14 +7570,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -9292,14 +9292,14 @@ msgstr "НАСТРОЙКА"
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
"utility to manage their own group membership list." "utility to manage their own group membership list."
msgstr "" msgstr ""
"Исполняемый файл программы <command>groupmems</command> должен иметь права " "Исполняемый файл программы <command>groupmems</command> должен иметь права "
"<literal>2770</literal>, принадлежать пользователю <emphasis>root</emphasis> " "<literal>2710</literal>, принадлежать пользователю <emphasis>root</emphasis> "
"и группе <emphasis>groups</emphasis>. Системный администратор может " "и группе <emphasis>groups</emphasis>. Системный администратор может "
"добавлять пользователей в группу <emphasis>groups</emphasis>, разрешая или " "добавлять пользователей в группу <emphasis>groups</emphasis>, разрешая или "
"запрещая им запускать программу <command>groupmems</command> для управления " "запрещая им запускать программу <command>groupmems</command> для управления "
@ -9311,14 +9311,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -4233,12 +4233,12 @@ msgid "SETUP"
msgstr "" msgstr ""
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "The <command>groupmems</command> executable should be in mode <literal>2770</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list." msgid "The <command>groupmems</command> executable should be in mode <literal>2710</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
msgstr "" msgstr ""
#: groupmems.8.xml:190(programlisting) #: groupmems.8.xml:190(programlisting)
#, no-wrap #, no-wrap
msgid "\n\t$ groupadd -r groups\n\t$ chmod 2770 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n " msgid "\n\t$ groupadd -r groups\n\t$ chmod 2710 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n "
msgstr "" msgstr ""
#: groupmems.8.xml:222(para) #: groupmems.8.xml:222(para)

View File

@ -7780,7 +7780,7 @@ msgstr ""
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
@ -7792,14 +7792,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -7960,7 +7960,7 @@ msgstr ""
#: groupmems.8.xml:181(para) #: groupmems.8.xml:181(para)
msgid "" msgid ""
"The <command>groupmems</command> executable should be in mode <literal>2770</" "The <command>groupmems</command> executable should be in mode <literal>2710</"
"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</" "literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
"emphasis>. The system administrator can add users to group <emphasis>groups</" "emphasis>. The system administrator can add users to group <emphasis>groups</"
"emphasis> to allow or disallow them using the <command>groupmems</command> " "emphasis> to allow or disallow them using the <command>groupmems</command> "
@ -7972,14 +7972,14 @@ msgstr ""
msgid "" msgid ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "
msgstr "" msgstr ""
"\n" "\n"
"\t$ groupadd -r groups\n" "\t$ groupadd -r groups\n"
"\t$ chmod 2770 groupmems\n" "\t$ chmod 2710 groupmems\n"
"\t$ chown root.groups groupmems\n" "\t$ chown root.groups groupmems\n"
"\t$ groupmems -g groups -a gk4\n" "\t$ groupmems -g groups -a gk4\n"
" " " "

View File

@ -9701,14 +9701,14 @@ msgstr ""
#~ msgid "" #~ msgid ""
#~ "The <command>groupmems</command> executable should be in mode " #~ "The <command>groupmems</command> executable should be in mode "
#~ "<literal>2770</literal> as user <emphasis>root</emphasis> and in group " #~ "<literal>2710</literal> as user <emphasis>root</emphasis> and in group "
#~ "<emphasis>groups</emphasis>. The system administrator can add users to " #~ "<emphasis>groups</emphasis>. The system administrator can add users to "
#~ "group <emphasis>groups</emphasis> to allow or disallow them using the " #~ "group <emphasis>groups</emphasis> to allow or disallow them using the "
#~ "<command>groupmems</command> utility to manage their own group membership " #~ "<command>groupmems</command> utility to manage their own group membership "
#~ "list." #~ "list."
#~ msgstr "" #~ msgstr ""
#~ "L'exécutable <command>groupmems</command> doit être installé en mode " #~ "L'exécutable <command>groupmems</command> doit être installé en mode "
#~ "<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> " #~ "<literal>2710</literal> avec pour utilisateur <emphasis>root</emphasis> "
#~ "et pour groupe <emphasis>groups</emphasis>. L'administrateur système peut " #~ "et pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
#~ "ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur " #~ "ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
#~ "permettre ou leur interdire d'utiliser <command>groupmems</command> pour " #~ "permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
@ -9717,14 +9717,14 @@ msgstr ""
#~ msgid "" #~ msgid ""
#~ "\n" #~ "\n"
#~ "\t$ groupadd -r groups\n" #~ "\t$ groupadd -r groups\n"
#~ "\t$ chmod 2770 groupmems\n" #~ "\t$ chmod 2710 groupmems\n"
#~ "\t$ chown root.groups groupmems\n" #~ "\t$ chown root.groups groupmems\n"
#~ "\t$ groupmems -g groups -a gk4\n" #~ "\t$ groupmems -g groups -a gk4\n"
#~ " " #~ " "
#~ msgstr "" #~ msgstr ""
#~ "\n" #~ "\n"
#~ "\t$ groupadd -r groups\n" #~ "\t$ groupadd -r groups\n"
#~ "\t$ chmod 2770 groupmems\n" #~ "\t$ chmod 2710 groupmems\n"
#~ "\t$ chown root.groups groupmems\n" #~ "\t$ chown root.groups groupmems\n"
#~ "\t$ groupmems -g groups -a gk4\n" #~ "\t$ groupmems -g groups -a gk4\n"
#~ " " #~ " "