[Pkg-shadow-commits] r1866 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Tue Feb 26 18:59:29 UTC 2008
Author: nekral-guest
Date: 2008-02-26 18:59:28 +0000 (Tue, 26 Feb 2008)
New Revision: 1866
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/gpasswd.c
Log:
* Fix typo in comment.
* Move comment regarding FIRST_MEMBER_IS_ADMIN to
where it belongs.
* Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
section.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-02-25 21:46:27 UTC (rev 1865)
+++ upstream/trunk/ChangeLog 2008-02-26 18:59:28 UTC (rev 1866)
@@ -1,3 +1,11 @@
+2008-02-26 Nicolas François <nicolas.francois at centraliens.net>
+
+ * src/gpasswd.c: Fix typo in comment.
+ * src/gpasswd.c: Move comment regarding FIRST_MEMBER_IS_ADMIN to
+ where it belongs.
+ * src/gpasswd.c: Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
+ section.
+
2008-02-25 Nicolas François <nicolas.francois at centraliens.net>
* man/po/Makefile.in.in: Use --previous when merging PO files of
Modified: upstream/trunk/src/gpasswd.c
===================================================================
--- upstream/trunk/src/gpasswd.c 2008-02-25 21:46:27 UTC (rev 1865)
+++ upstream/trunk/src/gpasswd.c 2008-02-26 18:59:28 UTC (rev 1866)
@@ -423,12 +423,17 @@
#ifdef FIRST_MEMBER_IS_ADMIN
/*
- * The policy here for changing a group is that 1) you must bes root
+ * The policy here for changing a group is that 1) you must be root
* or 2) you must be the first listed member of the group. The
* first listed member of a group can do anything to that group that
* the root user can. The rationale for this hack is that the FIRST
* user is probably the most important user in this entire group.
*/
+ /*
+ * This feature enabled by default could be a security problem when
+ * installed on existing systems where the first group member might
+ * be just a normal user. --marekm
+ */
if (!amroot) {
if (gr->gr_mem[0] == (char *) 0) {
#ifdef WITH_AUDIT
@@ -446,12 +451,7 @@
failure ();
}
}
-#else
- /*
- * This feature enabled by default could be a security problem when
- * installed on existing systems where the first group member might
- * be just a normal user. --marekm
- */
+#else /* ! FIRST_MEMBER_IS_ADMIN */
if (!amroot) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
More information about the Pkg-shadow-commits
mailing list