On Mon, Mar 19, 2001 at 01:50:30PM -0500, Laine Stump wrote:
> It's been a long time since I tried running passwd from an account
> that wasn't a member of wheel. Just today I noticed that, both on a
> 1.5 system using binaries from the tarballs, and on a 1.5S system with
> binaries built locally, passwd fails immediately with "Permission
> denied" if the current user isn't a member of wheel. Here's the
> directory listing for /usr/bin/passwd:
> 
>    # ls -l `which passwd`
>    -r-sr-xr-x  2 root  wheel  13484 Mar 11 12:55 /usr/bin/passwd*
>    # passwd
>    passwd: Permission denied
> 
> I ran ktrace, and it won't show anything past the attempt to exec the
> binary. I'm not sure if this is because it's executing, but ktrace
> can't follow it across the suid, or if the exec itself is
> failing. Here's the listings of the files that the manpage says are
> accessed by passwd:
> 
>    -rw-------  1 root  wheel  1973 Mar 10 14:05 /etc/master.passwd
>    -rw-r--r--  1 root  wheel  1628 Mar 10 14:05 /etc/passwd

No, the files used are
/etc/pwd.db
/etc/spwd.db

--
Manuel Bouyer <bouyer@antioche.eu.org>
--