72 lines
2.3 KiB
Diff
72 lines
2.3 KiB
Diff
|
From d9c09138d91566af49ef8179d9995c84294e2486 Mon Sep 17 00:00:00 2001
|
||
|
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
|
||
|
Date: Thu, 5 Nov 2015 16:27:36 +0200
|
||
|
Subject: [PATCH 10/12] su: FEATURE_SU_NULLOK_SECURE
|
||
|
|
||
|
When this feature is enabled, blank passwords are not accepted by su
|
||
|
unless the user is on a secure TTY defined in /etc/securetty. This
|
||
|
resembles the default PAM configuration of some Linux distros which
|
||
|
specify the nullok_secure option for pam_unix.so.
|
||
|
---
|
||
|
loginutils/su.c | 18 +++++++++++++-----
|
||
|
1 file changed, 13 insertions(+), 5 deletions(-)
|
||
|
|
||
|
diff --git a/loginutils/su.c b/loginutils/su.c
|
||
|
index 24ffbde86..086445243 100644
|
||
|
--- a/loginutils/su.c
|
||
|
+++ b/loginutils/su.c
|
||
|
@@ -24,6 +24,11 @@
|
||
|
//config: bool "Enable su to check user's shell to be listed in /etc/shells"
|
||
|
//config: depends on SU
|
||
|
//config: default y
|
||
|
+//config:config FEATURE_SU_NULLOK_SECURE
|
||
|
+//config: bool "Disallow blank passwords from TTYs other than specified in /etc/securetty"
|
||
|
+//config: depends on SU
|
||
|
+//config: default n
|
||
|
+
|
||
|
|
||
|
//applet:/* Needs to be run by root or be suid root - needs to change uid and gid: */
|
||
|
//applet:IF_SU(APPLET(su, BB_DIR_BIN, BB_SUID_REQUIRE))
|
||
|
@@ -76,6 +81,7 @@ int su_main(int argc UNUSED_PARAM, char **argv)
|
||
|
struct passwd *pw;
|
||
|
uid_t cur_uid = getuid();
|
||
|
const char *tty;
|
||
|
+ int allow_blank = 1;
|
||
|
#if ENABLE_FEATURE_UTMP
|
||
|
char user_buf[64];
|
||
|
#endif
|
||
|
@@ -100,6 +106,12 @@ int su_main(int argc UNUSED_PARAM, char **argv)
|
||
|
argv++;
|
||
|
}
|
||
|
|
||
|
+ tty = xmalloc_ttyname(STDIN_FILENO);
|
||
|
+ if (!tty) tty = "none";
|
||
|
+ tty = skip_dev_pfx(tty);
|
||
|
+
|
||
|
+ if (ENABLE_FEATURE_SU_NULLOK_SECURE) allow_blank = check_securetty(tty);
|
||
|
+
|
||
|
if (ENABLE_FEATURE_SU_SYSLOG) {
|
||
|
/* The utmp entry (via getlogin) is probably the best way to
|
||
|
* identify the user, especially if someone su's from a su-shell.
|
||
|
@@ -113,16 +125,12 @@ int su_main(int argc UNUSED_PARAM, char **argv)
|
||
|
pw = getpwuid(cur_uid);
|
||
|
old_user = pw ? xstrdup(pw->pw_name) : "";
|
||
|
}
|
||
|
- tty = xmalloc_ttyname(2);
|
||
|
- if (!tty) {
|
||
|
- tty = "none";
|
||
|
- }
|
||
|
openlog(applet_name, 0, LOG_AUTH);
|
||
|
}
|
||
|
|
||
|
pw = xgetpwnam(opt_username);
|
||
|
|
||
|
- if (cur_uid == 0 || ask_and_check_password(pw) > 0) {
|
||
|
+ if (cur_uid == 0 || ask_and_check_password_extended(pw, 0, allow_blank, "Password: ") > 0) {
|
||
|
if (ENABLE_FEATURE_SU_SYSLOG)
|
||
|
syslog(LOG_NOTICE, "%c %s %s:%s",
|
||
|
'+', tty, old_user, opt_username);
|
||
|
--
|
||
|
2.11.0
|
||
|
|