[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#3244: (no subject)

On Fri, 7 Jun 1996, Martin Schulze wrote:

> recently I noticed that the password program doesn
> t change the password it should.  If I su and call passwd
> the root password isn't changed, but my user password.
> I think (?!) this can be fixed by looking at the uid/euid
> when trying to find out for which user the program should work.

Actually this isn't a bug.  If you want to change root's passwd, you'll
just have to type 'passwd root' as root.

passwd must find out the login name of the user running the program.
Doing a getpwuid(getuid()) as you suggest won't work if a user has
multiple login names, each with the same user ID.  Looking through the
utmp for ttyname() or doing getenv("LOGNAME") can both be fooled.

So POSIX provides getlogin().  The system keeps track of who's logged
in for you.  But if you su to a user, the old user is still logged in.
This is only a problem if you su to an id=0 account.

(Closing this bug.)


Reply to: