+2008-02-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Fix typo in comment.
+ * src/gpasswd.c: Move comment regarding FIRST_MEMBER_IS_ADMIN to
+ where it belongs.
+ * src/gpasswd.c: Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
+ section.
+
2008-02-25 Nicolas François <nicolas.francois@centraliens.net>
* man/po/Makefile.in.in: Use --previous when merging PO files of
#ifdef FIRST_MEMBER_IS_ADMIN
/*
- * The policy here for changing a group is that 1) you must bes root
+ * The policy here for changing a group is that 1) you must be root
* or 2) you must be the first listed member of the group. The
* first listed member of a group can do anything to that group that
* the root user can. The rationale for this hack is that the FIRST
* user is probably the most important user in this entire group.
*/
+ /*
+ * This feature enabled by default could be a security problem when
+ * installed on existing systems where the first group member might
+ * be just a normal user. --marekm
+ */
if (!amroot) {
if (gr->gr_mem[0] == (char *) 0) {
#ifdef WITH_AUDIT
failure ();
}
}
-#else
- /*
- * This feature enabled by default could be a security problem when
- * installed on existing systems where the first group member might
- * be just a normal user. --marekm
- */
+#else /* ! FIRST_MEMBER_IS_ADMIN */
if (!amroot) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
projects / shadow / commitdiff