su: Use user names and read from the password file instead of using raw user IDs

This commit is contained in:
apio 2023-04-08 16:31:33 +02:00
parent 7667f49d62
commit 8b45766aaa
Signed by: apio
GPG Key ID: B8A7D06E42258954

View File

@ -1,11 +1,12 @@
#include <os/ArgumentParser.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main(int argc, char** argv)
{
StringView id;
StringView name;
if (geteuid() != 0)
{
@ -14,19 +15,24 @@ int main(int argc, char** argv)
}
os::ArgumentParser parser;
parser.add_positional_argument(id, "id"_sv, true);
parser.add_positional_argument(name, "name"_sv, true);
parser.parse(argc, argv);
int uid = atoi(id.chars());
if (uid == 0)
struct passwd* entry = getpwnam(name.chars());
if (!entry)
{
fprintf(stderr, "Already root!\n");
fprintf(stderr, "su: user %s not found!\n", name.chars());
return 1;
}
setgid(uid);
setuid(uid);
if (getuid() != geteuid())
{
fprintf(stderr, "FIXME: you have to enter %s's password first!\n", name.chars());
return 1;
}
execl("/bin/sh", "sh", NULL);
setgid(entry->pw_gid);
setuid(entry->pw_uid);
execl(entry->pw_shell, entry->pw_shell, NULL);
}