At 20:47 -0500 1/14/02, dman wrote:
>What happened? Sudo can call a function and find out the uid of the
>user who ran it. Then it reverses that to a name (and gets the first
>one in /etc/passwd) and looks to see if that user is allowed to
>execute the requested command.
>
>I know this because I tried it once :-).
In a Unix which uses a wheel group (BSDi in this case) and won't let others
su to root, it's really bad news to (accidentally) create another group
with GID 0, and have it sort before wheel (most do) and then try using a
proper tool to manipulate /etc/group instead of editing it by hand.
In the absence of an open root window, that's fixed at the console...the
boss was crossing the Hood Canal Bridge heading home, so his ETA was within
5 minutes of mine...I let him fix it. It was his wanna-be comment which
created the errant group entry, anyhow...I triggered the sort.
--John (who now tests before closing the working root
window...oops...usually)
--
John Baxter jwblist@??? Port Ludlow, WA, USA