From: Thomas Walker Lynch <eknp9n@reasoningtechnology.com>
Date: Sat, 20 Sep 2025 19:27:21 +0000 (+0000)
Subject: blessing the root user
X-Git-Url: https://git.reasoningtechnology.com/usr/lib/python2.7/encodings/cp865.py?a=commitdiff_plain;h=006dd48f14798b398aa5ed68237bbcf5db3d53b7;p=Man-In-Grey

blessing the root user
---

diff --git a/developer/machine/x86_64/man_in_grey_apply b/developer/machine/x86_64/man_in_grey_apply
index ee431ab..48dfade 100755
Binary files a/developer/machine/x86_64/man_in_grey_apply and b/developer/machine/x86_64/man_in_grey_apply differ
diff --git a/developer/source/Man_In_Grey_apply.c b/developer/source/Man_In_Grey_apply.c
index 9cd35f3..0b8f386 100644
--- a/developer/source/Man_In_Grey_apply.c
+++ b/developer/source/Man_In_Grey_apply.c
@@ -116,13 +116,13 @@ int main(int argc ,char **argv) {
     return 0;
   }
 
-  /* policy: if privileged but user is not in sudo group, explain and abort */
-  if (privileged && !in_sudo) {
-    struct passwd *pw = getpwuid(getuid());
+  /* policy: if privileged but real user is neither root nor in sudo, abort */
+  uid_t ruid = getuid();
+  if (privileged && ruid != 0 && !in_sudo) {
+    struct passwd *pw = getpwuid(ruid);
     const char *name = pw ? pw->pw_name : "unknown";
     fprintf(stderr,
-      "refusing privileged apply: real user '%s' is not a member of group 'sudo'\n"
-      "hint: either add user to sudo, or remove setuid bit from man_in_grey_apply to test unprivileged.\n",
+      "refusing privileged apply: real user '%s' is not root and not in group 'sudo'\n",
       name
     );
     return 1;
diff --git a/release/x86_64/man_in_grey_apply b/release/x86_64/man_in_grey_apply
index ee431ab..48dfade 100755
Binary files a/release/x86_64/man_in_grey_apply and b/release/x86_64/man_in_grey_apply differ