[Pkg-shadow-commits] r1866 - in upstream/trunk: . src

nekral-guest at alioth.debian.org nekral-guest at alioth.debian.org
Tue Feb 26 18:59:29 UTC 2008 

Author: nekral-guest
Date: 2008-02-26 18:59:28 +0000 (Tue, 26 Feb 2008)
New Revision: 1866

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/gpasswd.c
Log:
 * Fix typo in comment.
 * Move comment regarding FIRST_MEMBER_IS_ADMIN to
   where it belongs.
 * Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
   section.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2008-02-25 21:46:27 UTC (rev 1865)
+++ upstream/trunk/ChangeLog	2008-02-26 18:59:28 UTC (rev 1866)
@@ -1,3 +1,11 @@
+2008-02-26  Nicolas François  <nicolas.francois at centraliens.net>
+
+	* src/gpasswd.c: Fix typo in comment.
+	* src/gpasswd.c: Move comment regarding FIRST_MEMBER_IS_ADMIN to
+	where it belongs.
+	* src/gpasswd.c: Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
+	section.
+
 2008-02-25  Nicolas François  <nicolas.francois at centraliens.net>
 
 	* man/po/Makefile.in.in: Use --previous when merging PO files of

Modified: upstream/trunk/src/gpasswd.c
===================================================================
--- upstream/trunk/src/gpasswd.c	2008-02-25 21:46:27 UTC (rev 1865)
+++ upstream/trunk/src/gpasswd.c	2008-02-26 18:59:28 UTC (rev 1866)
@@ -423,12 +423,17 @@
 
 #ifdef FIRST_MEMBER_IS_ADMIN
 	/*
-	 * The policy here for changing a group is that 1) you must bes root
+	 * The policy here for changing a group is that 1) you must be root
 	 * or 2) you must be the first listed member of the group. The
 	 * first listed member of a group can do anything to that group that
 	 * the root user can. The rationale for this hack is that the FIRST
 	 * user is probably the most important user in this entire group.
 	 */
+	/*
+	 * This feature enabled by default could be a security problem when
+	 * installed on existing systems where the first group member might
+	 * be just a normal user.  --marekm
+	 */
 	if (!amroot) {
 		if (gr->gr_mem[0] == (char *) 0) {
 #ifdef WITH_AUDIT
@@ -446,12 +451,7 @@
 			failure ();
 		}
 	}
-#else
-	/*
-	 * This feature enabled by default could be a security problem when
-	 * installed on existing systems where the first group member might
-	 * be just a normal user.  --marekm
-	 */
+#else				/* ! FIRST_MEMBER_IS_ADMIN */
 	if (!amroot) {
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,

More information about the Pkg-shadow-commits mailing list