![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to su.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 3BSD / cmd|
Return to su.c CVS log | Up to [CSRG BSD Unix] / 3BSD / cmd |
1.1 root 1: #include <stdio.h>
2: #include <pwd.h>
3:
4: struct passwd *pwd,*getpwnam();
5: char *crypt();
6: char *getpass();
7:
8: main(argc,argv)
9: int argc;
10: char **argv;
11: {
12: char *nptr;
13: char *password;
14: int badsw = 0;
15: char *shell = "/bin/sh";
16:
17: if(argc > 1)
18: nptr = argv[1];
19: else
20: nptr = "root";
21: if((pwd=getpwnam(nptr)) == NULL) {
22: printf("Unknown id: %s\n",nptr);
23: exit(1);
24: }
25: if(pwd->pw_passwd[0] == '\0' || getuid() == 0)
26: goto ok;
27: password = getpass("Password:");
28: if(badsw || (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0)) {
29: bad:
30: printf("Sorry\n");
31: if(pwd->pw_uid == 0) {
32: FILE *console = fopen("/dev/console", "w");
33: if (console != NULL) {
34: fprintf(console, "BADSU: %s %s\r\n", getlogin(), ttyname(2));
35: fclose(console);
36: }
37: }
38: exit(2);
39: }
40: if(pwd->pw_uid == 0 && badroot(getgid(),getuid()))
41: goto bad;
42:
43: ok:
44: endpwent();
45: if(pwd->pw_uid == 0) {
46: FILE *console = fopen("/dev/console", "w");
47: if (console != NULL) {
48: fprintf(console, "SU: %s %s\r\n", getlogin(), ttyname(2));
49: fclose(console);
50: }
51: }
52: setgid(pwd->pw_gid);
53: setuid(pwd->pw_uid);
54: if (pwd->pw_shell && *pwd->pw_shell)
55: shell = pwd->pw_shell;
56: homeis(pwd->pw_dir);
57: shellis(shell);
58: execl(shell, "su", 0);
59: printf("No shell\n");
60: exit(3);
61: }
62: badroot(gid,uid)
63: {
64: /*
65: if(gid!=10 || (uid > 15 && (uid!=40 && uid!=209 && uid!=203
66: && uid!=54 && uid!=245)))
67: return(1);
68: else
69: */
70: return(0);
71: }
72:
73: char **environ;
74:
75: homeis(hp)
76: char *hp;
77: {
78: register char *cp, *dp;
79: register char **ep = environ;
80: static char homebuf[128];
81:
82: while (dp = *ep++) {
83: for (cp = "HOME"; *cp == *dp && *cp; cp++, dp++)
84: continue;
85: if (*cp == 0 && (*dp == '=' || *dp == 0)) {
86: strcpy(homebuf, "HOME=");
87: strcat(homebuf, hp);
88: *--ep = homebuf;
89: return;
90: }
91: }
92: }
93:
94: shellis(sp)
95: char *sp;
96: {
97: register char *cp, *dp;
98: register char **ep = environ;
99: static char shellbuf[128];
100:
101: while (dp = *ep++) {
102: for (cp = "SHELL"; *cp == *dp && *cp; cp++, dp++)
103: continue;
104: if (*cp == 0 && (*dp == '=' || *dp == 0)) {
105: strcpy(shellbuf, "SHELL=");
106: strcat(shellbuf, sp);
107: *--ep = shellbuf;
108: return;
109: }
110: }
111: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.