We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
ladybird
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Userland: Make su require passwords

Peter Elliott 5 years ago
parent
207fb054e5
commit
99ddbb83e8
3 changed files with 27 additions and 14 deletions
Split View Show Diff Stats
  1. 10 10
      Base/etc/passwd
  2. 1 0
      Userland/CMakeLists.txt
  3. 16 4
      Userland/su.cpp

+ 10 - 10
Base/etc/passwd
View File 

@@ -1,10 +1,10 @@
 
-root:x:0:0:root:/root:/bin/sh
 
-lookup:x:10:10:LookupServer,,,:/:/bin/false
 
-protocol:x:11:11:ProtocolServer,,,:/:/bin/false
 
-notify:x:12:12:NotificationServer,,,:/:/bin/false
 
-window:x:13:13:WindowServer,,,:/:/bin/false
 
-clipboard:x:14:14:Clipboard,,,:/:/bin/false
 
-webcontent:x:15:15:WebContent,,,:/:/bin/false
 
-image:x:16:16:ImageDecoder,,,:/:/bin/false
 
-anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
 
-nona:x:200:200:Nona,,,:/home/nona:/bin/sh
 
+root::0:0:root:/root:/bin/sh
 
+lookup:!:10:10:LookupServer,,,:/:/bin/false
 
+protocol:!:11:11:ProtocolServer,,,:/:/bin/false
 
+notify:!:12:12:NotificationServer,,,:/:/bin/false
 
+window:!:13:13:WindowServer,,,:/:/bin/false
 
+clipboard:!:14:14:Clipboard,,,:/:/bin/false
 
+webcontent:!:15:15:WebContent,,,:/:/bin/false
 
+image:!:16:16:ImageDecoder,,,:/:/bin/false
 
+anon:!:100:100:Anonymous,,,:/home/anon:/bin/sh
 
+nona:!:200:200:Nona,,,:/home/nona:/bin/sh

+ 1 - 0
Userland/CMakeLists.txt
View File 

@@ -32,6 +32,7 @@ target_link_libraries(pape LibGUI)
 
 target_link_libraries(passwd LibCrypt)
 
 target_link_libraries(paste LibGUI)
 
 target_link_libraries(pro LibProtocol)
 
+target_link_libraries(su LibCrypt)
 
 target_link_libraries(test-crypto LibCrypto LibTLS LibLine)
 
 target_link_libraries(test-js LibJS LibLine LibCore)
 
 target_link_libraries(test-web LibWeb)

+ 16 - 4
Userland/su.cpp
View File 

@@ -25,6 +25,7 @@
 
  */
 
 
 #include <AK/Vector.h>
 
+#include <LibCore/GetPassword.h>
 
 #include <alloca.h>
 
 #include <grp.h>
 
 #include <pwd.h>
 
@@ -38,9 +39,6 @@ int main(int argc, char** argv)
 
 {
 
     if (geteuid() != 0) {
 
         fprintf(stderr, "Not running as root :(\n");
 
-    } else if (getuid() != 0) {
 
-        const char* target_user = argc > 1 ? argv[1] : "root";
 
-        fprintf(stderr, "Access to account '%s' granted\n", target_user);
 
     }
 
 
     uid_t uid = 0;
 
@@ -64,6 +62,20 @@ int main(int argc, char** argv)
 
         return 1;
 
     }
 
 
+    if (getuid() != 0 && pwd->pw_passwd[0] != '\0') {
 
+        auto password = Core::get_password();
 
+        if (password.is_error()) {
 
+            fprintf(stderr, strerror(password.error()));
 
+            return 1;
 
+        }
 
+
 
+        char* hash = crypt(password.value().characters(), pwd->pw_passwd);
 
+        if (hash == NULL || strcmp(hash, pwd->pw_passwd) != 0) {
 
+            fprintf(stderr, "Incorrect or disabled password.\n");
 
+            return 1;
 
+        }
 
+    }
 
+
 
     Vector<gid_t> extra_gids;
 
     for (auto* group = getgrent(); group; group = getgrent()) {
 
         for (size_t i = 0; group->gr_mem[i]; ++i) {
 
@@ -88,7 +100,7 @@ int main(int argc, char** argv)
 
         perror("setuid");
 
         return 1;
 
     }
 
-    rc = execl("/bin/sh", "sh", nullptr);
 
+    rc = execl(pwd->pw_shell, pwd->pw_shell, nullptr);
 
     perror("execl");
 
     return 1;
 
 }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5