I need to have group passwords.
If I port /bin/newgrp from, say, FreeBSD - what may get broken in QNX4? What in OS depends on the current absence of group passwords?
Do I get it right - I need to modify just two programs - /bin/newgrp and /bin/passwd. The later - to add switches into it to works with /etc/gshadow file.
I’ve found several implementations of /bin/newgrp
Strangely, all of them ask for a group password only if a user has no login password. More strange is the fact that they let anyone to join a group no matter if one is not a member - the correct group password is enough for anyone to join any group.
And finally - they look for the group password in the /etc/group…
Man pages tell that the group passwords are deprecated, users tend to have bad practises with them, etc…
Well, in such the implementations - yes, it’s useless.
I need yet another obstacle on the way to gain root’s privileges. I’ve set “/bin/su”'s modes to “root:wheels -r-sr-xr–”. So, first one has to join “wheels” group - for this to guess one 6~8-symbols combination, then he has to guess yet another 8~12 symbols of the root’s password…
If one is not a group member - there should be no way for him to join it - password or not. And certainly - the hashed group password MUST reside somewhere in /etc/shadow.group
If someone allready has similar utility - I’d like to buy|obtain it.