[Toybox] [patch] add su
Strake
strake888 at gmail.com
Thu Aug 15 17:01:56 PDT 2013
On 14/08/2013, Rob Landley <rob at landley.net> wrote:
> The root user is uid 0, which could be _named_ anything. (Crazy people
> say "wheel".) So we need a getwpuid(0) else getpwnam(name) and then do
> the shadow lookup based on that name.
I would likely write a function getspuid, but I'm not sure how you
wish to do this, so I'll leave it for now.
>> + passhash = crypt (toybuf, shp -> sp_pwdp);
>> + if (!passhash) perror_exit ("failed to compute password hash");
>> + for (ii = 0; toybuf[ii]; ii++) toybuf[ii] = 0;
>
> Proper paranoia would probably swap those last two lines.
Derp.
> Hmmm, should the suid plumbing in main.c mlockall() when we don't drop
> privs?
I think so. Particularly if someone can read the swap medium but not /dev/mem.
>> + if (toys.optflags & FLAG_c) {
>> + argv[1] = toys.optflags & FLAG_l ? "-lc" : "-c";
>> + argv[2] = TT.cArgu;
>> + argv += 2;
>> + }
>> + else if (toys.optflags & FLAG_l) (argv++)[1] = "-l";
>
> Is there a reason you can't do -l -c as two arguments and just test
> once?
No, was just stupid.
>From 29dc3c3206c7280d159c9d0e27125fdbe1dd0a61 Mon Sep 17 00:00:00 2001
From: Strake <strake888 at gmail.com>
Date: Mon, 30 Jun 2003 15:50:05 -0500
Subject: [PATCH] su: cleanery
* make help message more like others
* s/TT\.(.)Argu/TT.\1/g
* move environ to toys.h
* simplify failure messages
* clear password before quit
* not check what execve returns
* -lc
---
toys.h | 2 ++
toys/pending/su.c | 67 +++++++++++++++++++++++++++----------------------------
2 files changed, 35 insertions(+), 34 deletions(-)
diff --git a/toys.h b/toys.h
index 2ce1d0a..c810123 100644
--- a/toys.h
+++ b/toys.h
@@ -117,6 +117,8 @@ extern struct toy_context {
extern char toybuf[4096];
+extern char **environ;
+
#define GLOBALS(...)
#define ARRAY_LEN(array) (sizeof(array)/sizeof(*array))
diff --git a/toys/pending/su.c b/toys/pending/su.c
index cf9b599..529042b 100644
--- a/toys/pending/su.c
+++ b/toys/pending/su.c
@@ -10,14 +10,14 @@ config SU
bool "su"
default n
help
- usage: su [-lmp] [-c cmd] [-s shell] [user [argu...]]
-
+ usage: su [-lmp] [-c CMD] [-s SHELL] [USER [ARGS...]]
+
Switch to given user, or root if not given, and call a shell with
the given arguments.
-
+
options:
-s shell to call
-c command to pass to shell with -c
-
+
flags:
-l login shell
-(m|p) preserve environment
@@ -27,12 +27,10 @@ config SU
#include "toys.h"
GLOBALS(
- char *sArgu;
- char *cArgu;
+ char *s;
+ char *c;
)
-extern char **environ;
-
static void deny () {
printf ("Denied\n");
xexit ();
@@ -43,56 +41,57 @@ void su_main () {
struct passwd *up;
struct spwd *shp;
long ii;
-
+
if (toys.optc && strcmp ("-", toys.optargs[0]) == 0) {
toys.optflags |= FLAG_l;
toys.optc--; toys.optargs++;
}
-
+
if (toys.optc) {
name = toys.optargs[0];
toys.optc--; toys.optargs++;
}
else name = "root";
shp = getspnam (name);
- if (!shp) perror_exit ("failed to find password");
-
+ if (!shp) perror_exit ("can't find password");
+
switch (shp -> sp_pwdp[0]) {
case '!': deny ();
case '$': break;
default : error_exit ("bad password format");
}
- if (read_password (toybuf, sizeof (toybuf), "Password: ") != 0)
perror_exit ("failed to read password");
+ if (read_password (toybuf, sizeof (toybuf), "Password: ") != 0)
perror_exit ("can't read password");
passhash = crypt (toybuf, shp -> sp_pwdp);
- if (!passhash) perror_exit ("failed to compute password hash");
for (ii = 0; toybuf[ii]; ii++) toybuf[ii] = 0;
-
+ if (!passhash) perror_exit ("can't crypt");
+
if (strcmp (passhash, shp -> sp_pwdp) != 0) deny ();
-
+
up = getpwnam (name);
- if (!up) perror_exit ("failed to getpwnam");
-
- if (setuid (up -> pw_uid) < 0) perror_exit ("failed to setuid");
- if (chdir (up -> pw_dir) < 0) perror_exit ("failed to chdir");
-
+ if (!up) perror_exit ("can't getpwnam");
+
+ xsetuid (up -> pw_uid);
+ xchdir (up -> pw_dir);
+
argu = xmalloc (sizeof (char *)*(toys.optc + 4));
argv = argu;
- argv[0] = toys.optflags & FLAG_s ? TT.sArgu : up -> pw_shell;
+ argv[0] = toys.optflags & FLAG_s ? TT.s : up -> pw_shell;
+ if (toys.optflags & FLAG_l) (argv++)[1] = "-l";
if (toys.optflags & FLAG_c) {
- argv[1] = toys.optflags & FLAG_l ? "-lc" : "-c";
- argv[2] = TT.cArgu;
+ argv[1] = "-c";
+ argv[2] = TT.c;
argv += 2;
}
- else if (toys.optflags & FLAG_l) (argv++)[1] = "-l";
- for (ii = 0; ii < toys.optc; ii++) argv[ii + 1] = toys.optargs[ii];
- if (execve (argu[0], argu,
- toys.optflags & FLAG_l ? (char *[]){
- xmsprintf ( "HOME=%s", up -> pw_dir),
- xmsprintf ("SHELL=%s", up -> pw_shell),
- xmsprintf ( "USER=%s", up -> pw_name),
- xmsprintf ( "TERM=%s", getenv ("TERM")),
- 0
- } : environ) < 0) perror_exit ("failed to exec %s", argu[0]);
+ memcpy (argv + 1, toys.optargs, sizeof (char *)*toys.optc);
+ execve (argu[0], argu,
+ toys.optflags & FLAG_l ? (char *[]){
+ xmsprintf ( "HOME=%s", up -> pw_dir),
+ xmsprintf ("SHELL=%s", up -> pw_shell),
+ xmsprintf ( "USER=%s", up -> pw_name),
+ xmsprintf ( "TERM=%s", getenv ("TERM")),
+ 0
+ } : environ);
+ perror_exit ("can't exec %s", argu[0]);
}
--
1.8.3.4
1376611316.0
More information about the Toybox
mailing list