Subject: bin/1894: nobody can su when wheel group is empty
To: None <gnats-bugs@gnats.netbsd.org>
From: Arne H. Juul <arnej@pvv.unit.no>
List: netbsd-bugs
Date: 01/06/1996 02:00:56
>Number: 1894
>Category: bin
>Synopsis: nobody can su when wheel group is empty
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Fri Jan 5 20:35:13 1996
>Last-Modified:
>Originator: Arne H. Juul
>Organization:
Norwegian University of Technology and Science
>Release: NetBSD-1.1
>Environment:
System: NetBSD bygdin.pvv.unit.no 1.1 NetBSD 1.1 (GENERIC) #1: Sun Nov 26 04:41:03 MET 1995 arnej@asgaut.pvv.unit.no:/usr/src/sys/arch/sparc/compile/GENERIC sparc
>Description:
There is no way to specify a policy where all users are
allowed to su to root. My strong opinion is that such a policy
should be selectable, but I also feel that the current NetBSD policy
is most often preferable.
A common way of specifying all-allowed is to leave the wheel group
completely empty in your group file. This has the added advantage
that the old NetBSD policy can be retained without any further
modifications; so nobody is allowed to su root until the group file
actually is edited, since NetBSD by default has root as a member
of group wheel.
>How-To-Repeat:
Install NetBSD at your local CompSci/hacker club machines.
>Fix:
diff -ru orig/su.1 ./su.1
--- orig/su.1 Sat Jan 6 01:56:59 1996
+++ ./su.1 Sat Jan 6 01:37:51 1996
@@ -137,12 +137,13 @@
options are mutually exclusive; the last one specified
overrides any previous ones.
.Pp
-Only users in group 0 (normally
+Only users listed in group 0 (normally
.Dq wheel )
can
.Nm su
to
-.Dq root .
+.Dq root ,
+unless this group is empty.
.Pp
By default (unless the prompt is reset by a startup file) the super-user
prompt is set to
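Review bot: the added line "unless this group is empty." leaves it to the reader to infer which way the exception cuts; the manual page should state the consequence outright, e.g. "unless this group has no members, in which case any user can .Nm su to .Dq root .", since a memberless wheel group is the configuration an administrator is most likely to create by accident. The change from "users in" to "users listed in" is the right direction, because the check in su.c walks gr_mem, which holds only the users named in the group file; a user whose primary gid in the password file is 0 is not covered, and the text could say "listed in the group file" to make that precise.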
diff -ru orig/su.c ./su.c
--- orig/su.c Sat Jan 6 01:57:07 1996
+++ ./su.c Sat Jan 6 01:22:42 1996
@@ -155,7 +155,8 @@
#endif
{
/* only allow those in group zero to su to root. */
- if (pwd->pw_uid == 0 && (gr = getgrgid((gid_t)0)))
+ if (pwd->pw_uid == 0 && (gr = getgrgid((gid_t)0))
+ && gr->gr_mem && *(gr->gr_mem))
for (g = gr->gr_mem;; ++g) {
if (!*g) {
(void)fprintf(stderr,
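Review bot: the clause `&& gr->gr_mem && *(gr->gr_mem)` added to the if makes the check fail open: a memberless group 0 skips the loop entirely, so the deny path that starts with the fprintf at the end of the hunk is never reached and every user is silently allowed to su to root. This mirrors what the existing condition already does when getgrgid((gid_t)0) returns NULL (no group 0 record at all also skips the check), so the patch widens an existing fail-open case rather than introducing a new kind of one, but an administrator who removes the last member of wheel, or a packaging step that ships an empty wheel line, now opens root to everyone with no indication. Consider making the empty-group-means-everyone rule opt-in (a compile-time define, or at least a warning printed when the exception is taken) so that the default policy the report says it wants retained cannot be lost by a one-line edit of the group file. The `gr->gr_mem` NULL test is harmless but redundant for a record returned by getgrgid, which always supplies a member array.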
>Audit-Trail:
>Unformatted:
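The policy described in the report (a wheel group with members restricts su-to-root to those members; an empty wheel group, or none at all, allows everyone) can be tried out without touching a real system. The following is an added example written for this page, not NetBSD's su.c and not part of the PR; the function names are hypothetical, the group(5) lines are constructed, and the two decision functions reproduce, respectively, the check after the PR's change and the check before it. It parses raw group-file lines so the three cases that matter (listed member, unlisted user, memberless group) can be compared side by side.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <grp.h>

#define MAXMEM 16

/* strsep(3)-style splitter: returns the field at *p and advances *p past
 * the separator, or sets *p to NULL once the string is exhausted. */
static char *next_field(char **p, int sep)
{
    char *start = *p, *end;
    if (start == NULL)
        return NULL;
    end = strchr(start, sep);
    if (end != NULL) { *end = '\0'; *p = end + 1; } else *p = NULL;
    return start;
}

/* Parse one group(5) line "name:passwd:gid:user1,user2" into *gr.
 * buf receives a writable copy of the line, mem the NULL-terminated
 * member list; an empty fourth field ("wheel:*:0:") yields no members.
 * Returns 0 on success, -1 for fewer than four fields or too many members. */
int parse_group_line(const char *line, struct group *gr,
                     char *buf, size_t buflen, char **mem, size_t maxmem)
{
    char *p, *field, *gidstr;
    size_t n = 0;

    if (strlen(line) >= buflen)
        return -1;
    strcpy(buf, line);
    buf[strcspn(buf, "\n")] = '\0';
    p = buf;
    if ((gr->gr_name = next_field(&p, ':')) == NULL || p == NULL) return -1;
    if ((gr->gr_passwd = next_field(&p, ':')) == NULL || p == NULL) return -1;
    if ((gidstr = next_field(&p, ':')) == NULL || p == NULL) return -1;
    gr->gr_gid = (gid_t)strtoul(gidstr, NULL, 10);
    while ((field = next_field(&p, ',')) != NULL) {
        if (*field == '\0')
            continue;                   /* empty member field */
        if (n + 1 >= maxmem)
            return -1;
        mem[n++] = field;
    }
    mem[n] = NULL;
    gr->gr_mem = mem;
    return 0;
}

/* Decision as in the patched su.c: no group 0 record or an empty member
 * list allows everyone (fail open); otherwise the user must be listed. */
int may_su_to_root(const struct group *wheel, const char *user)
{
    char **g;
    if (wheel == NULL)
        return 1;                       /* already the unpatched behaviour */
    if (wheel->gr_mem == NULL || *wheel->gr_mem == NULL)
        return 1;                       /* the PR's addition */
    for (g = wheel->gr_mem; *g != NULL; ++g)
        if (strcmp(*g, user) == 0)
            return 1;
    return 0;
}

/* Decision without the PR's addition: an empty member list denies everyone. */
int may_su_to_root_unpatched(const struct group *wheel, const char *user)
{
    char **g;
    if (wheel == NULL)
        return 1;
    for (g = wheel->gr_mem; g != NULL && *g != NULL; ++g)
        if (strcmp(*g, user) == 0)
            return 1;
    return 0;
}

/* Decide from a raw group line; returns 1 allow, 0 deny, -1 parse error. */
int decide_from_line(const char *line, const char *user, int patched)
{
    struct group gr;
    char buf[256];
    char *mem[MAXMEM];
    if (parse_group_line(line, &gr, buf, sizeof buf, mem, MAXMEM) != 0)
        return -1;
    return patched ? may_su_to_root(&gr, user)
                   : may_su_to_root_unpatched(&gr, user);
}

int main(void)
{
    /* constructed group-file lines; none come from a real system */
    const char *lines[] = { "wheel:*:0:root", "wheel:*:0:root,arnej", "wheel:*:0:" };
    const char *users[] = { "root", "arnej", "guest" };
    size_t i, j;

    for (i = 0; i < 3; i++) {
        printf("%-22s", lines[i]);
        for (j = 0; j < 3; j++)
            printf("  %s old=%d new=%d", users[j],
                   decide_from_line(lines[i], users[j], 0),
                   decide_from_line(lines[i], users[j], 1));
        putchar('\n');
    }
    return 0;
}
```

The last row of the table is the whole point of the report: "wheel:*:0:" denies everyone under the old rule and admits everyone under the new one, with nothing else in the file changed. Note that both decision functions look only at the explicit member list, so a user whose primary group in the password file is 0 is treated as unlisted either way.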