Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
102 lines (89 sloc) 2.71 KB
/*
Write a set-user-ID-root program similar to the sudo(8) program.
This program should take command-line options and arguments as follows:
$ ./douser [-u user ] program-file arg1 arg2 ...
The douser program executes program-file, with the given arguments, as though it was run by user.
(If the –u option is omitted, then user should default to root.)
Before executing program-file, douser should request the password for user,
authenticate it against the standard password file (see Listing 8-2, on page 164),
and then set all of the process user and group IDs to the correct values for that user
*/
#define _BSD_SOURCE /* Get getpass() declaration from <unistd.h> */
#include <unistd.h>
#include <crypt.h>
#include <stdio.h>
#include <pwd.h>
#include <limits.h>
#include <shadow.h>
#include <errno.h>
#include "tlpi_hdr.h"
#include "error_functions.c"
/*
authenticate prompts the user for the password
and validates it, returning 0 on success.
*/
int
authenticate(char *username)
{
struct spwd *spwd;
struct passwd *pwd;
char *encrypted;
Boolean authOk;
pwd = getpwnam(username);
if (pwd == NULL)
fatal("could not get password file");
spwd = getspnam(username);
if (spwd == NULL && errno == EACCES)
fatal("no permission to read shadow password file");
if (spwd != NULL)
pwd->pw_passwd = spwd->sp_pwdp;
encrypted = crypt(getpass("Password:"), pwd->pw_passwd);
return strcmp(encrypted, pwd->pw_passwd);
}
int
main(int argc, char **argv)
{
char *envp[] = {"PATH=/bin:/usr/bin", NULL};
int c, status;
char *username = NULL;
struct passwd *pwd;
pid_t pid;
if (argc < 2) {
printf("Usage: %s [-u user] cmd args...\n", argv[0]);
exit(1);
}
while ((c = getopt (argc, argv, "u:")) != -1)
switch (c) {
case 'u':
username = optarg;
break;
case '?':
if (optopt == 'u')
fprintf (stderr, "Option -%c requires an argument.\n", optopt);
else
fprintf (stderr,
"Unknown option character `\\x%x'.\n",
optopt);
return 1;
}
if (username == NULL) {
username = "root\0";
}
if (authenticate(username) != 0) {
printf("Incorrect password\n");
exit(EXIT_FAILURE);
}
pwd = getpwnam(username);
if (pwd == NULL)
fatal("unable to retrieve user info");
if (setuid(pwd->pw_uid) != 0)
errExit("setuid");
pid = fork();
if (pid == -1) {
errExit("fork");
} else if (pid != 0) {
execvpe(argv[optind], &argv[optind], envp);
errExit("execvpe");
}
exit(EXIT_SUCCESS);
}