Add full support for determining if a user
is restricted from running a given program.
This commit is contained in:
parent
bc151cdc8c
commit
fbbe016b64
@ -7,10 +7,10 @@ CFLAGS+=-Wall -DLIBC_SCCS -I${.CURDIR} -I${.CURDIR}/../../sys
|
||||
#CFLAGS+=LOGIN_CAP_AUTH
|
||||
SRCS= login.c login_tty.c logout.c logwtmp.c pty.c setproctitle.c \
|
||||
login_cap.c login_class.c login_auth.c login_times.c login_ok.c \
|
||||
_secure_path.c uucplock.c
|
||||
_secure_path.c uucplock.c login_progok.c
|
||||
MAN3+= login.3 login_tty.3 logout.3 logwtmp.3 pty.3 setproctitle.3 \
|
||||
login_cap.3 login_class.3 login_times.3 login_ok.3 \
|
||||
_secure_path.3 uucplock.3
|
||||
_secure_path.3 uucplock.3 login_progok.3
|
||||
MAN5+= login.conf.5
|
||||
MLINKS+= pty.3 openpty.3 pty.3 forkpty.3
|
||||
MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \
|
||||
|
@ -18,7 +18,7 @@
|
||||
* 5. Modifications may be freely made to this file providing the above
|
||||
* conditions are met.
|
||||
*
|
||||
* $Id: libutil.h,v 1.9 1997/05/19 10:04:15 peter Exp $
|
||||
* $Id: libutil.h,v 1.10 1997/08/10 18:42:38 ache Exp $
|
||||
*/
|
||||
|
||||
#ifndef _LIBUTIL_H_
|
||||
@ -45,6 +45,7 @@ const char *uu_lockerr __P((int _uu_lockresult));
|
||||
int uu_lock __P((const char *_ttyname));
|
||||
int uu_unlock __P((const char *_ttyname));
|
||||
int _secure_path __P((const char *_path, uid_t _uid, gid_t _gid));
|
||||
int login_progok __P((uid_t _uid, const char *prog));
|
||||
__END_DECLS
|
||||
|
||||
#define UU_LOCK_INUSE (1)
|
||||
|
@ -17,7 +17,7 @@
|
||||
.\" 5. Modifications may be freely made to this file providing the above
|
||||
.\" conditions are met.
|
||||
.\"
|
||||
.\" $Id: login.conf.5,v 1.9 1997/05/22 07:02:01 tg Exp $
|
||||
.\" $Id: login.conf.5,v 1.10 1997/08/26 23:15:57 brian Exp $
|
||||
.\"
|
||||
.Dd November 22, 1996
|
||||
.Dt LOGIN.CONF 5
|
||||
@ -217,6 +217,9 @@ disallowed.
|
||||
in the class may use for access.
|
||||
.It tty.deny list List of ttys and ttygroups which users
|
||||
in the class may not use for access.
|
||||
.It prog.allow list List of programs which users in the class
|
||||
may run irrespective of the contents of prog.deny. Support for this option
|
||||
must be built into each program.
|
||||
.It prog.deny list List of programs which users in the class
|
||||
may not run. Support for this option must be built into each program.
|
||||
.El
|
||||
@ -363,4 +366,5 @@ lists.
|
||||
.Xr getttyent 3 ,
|
||||
.Xr login_cap 3 ,
|
||||
.Xr login_class 3 ,
|
||||
.Xr ttys 5
|
||||
.Xr ttys 5 ,
|
||||
.Xr login_progok 3
|
||||
|
52
lib/libutil/login_progok.3
Normal file
52
lib/libutil/login_progok.3
Normal file
@ -0,0 +1,52 @@
|
||||
.\"
|
||||
.\" $Id: login_ok.3,v 1.4 1997/02/22 15:08:22 peter Exp $
|
||||
.\"
|
||||
.Dd August 27, 1997
|
||||
.Os FreeBSD
|
||||
.Dt LOGIN_PROGOK 3
|
||||
.Sh NAME
|
||||
.Nm login_progok
|
||||
.Nd Check if the given program may be run.
|
||||
.Sh SYNOPSIS
|
||||
.Fd #include <sys/types.h>
|
||||
.Fd #include <libutil.h>
|
||||
.Ft int
|
||||
.Fn login_progok "uid_t uid" "const char *prog"
|
||||
.Pp
|
||||
Link with
|
||||
.Va -lutil
|
||||
on the
|
||||
.Xr cc 1
|
||||
command line.
|
||||
.Sh DESCRIPTION
|
||||
This function determines if the user has permission to run the given
|
||||
program, returning zero if permission is denied and one if permission
|
||||
is granted. It should be used by programs that are setuid or for some
|
||||
reason cannot be easily rebuilt or modified by an ordinary user, allowing
|
||||
the system administrator to restrict access to certain programs in a
|
||||
generic fashion.
|
||||
.Pp
|
||||
Access to a program is granted by default. In order to deny access,
|
||||
the users login class entry in
|
||||
.Xr login.conf 5
|
||||
must be set with a
|
||||
.Em prog.deny
|
||||
capability that contains the program name. Most programs will use an
|
||||
absolute path name to avoid conflicts. No special matching is done. The
|
||||
passed
|
||||
.Ar prog
|
||||
must match a list entry in
|
||||
.Xr login.conf 5
|
||||
exactly.
|
||||
.Pp
|
||||
The
|
||||
.Em prog.allow
|
||||
capability will override the
|
||||
.Em prog.deny
|
||||
capability, granting access to the program. This allows flexability in
|
||||
setting up a hierarchical login class structure.
|
||||
.Pp
|
||||
.Sh RETURN VALUES
|
||||
The function returns 1 if the program may be run and 0 if it may not.
|
||||
.Sh SEE ALSO
|
||||
.Xr login.conf 5
|
39
lib/libutil/login_progok.c
Normal file
39
lib/libutil/login_progok.c
Normal file
@ -0,0 +1,39 @@
|
||||
#include <sys/types.h>
|
||||
#include <login_cap.h>
|
||||
#include <pwd.h>
|
||||
#include <string.h>
|
||||
|
||||
int
|
||||
login_progok(uid_t uid, const char *prog)
|
||||
{
|
||||
login_cap_t *lc;
|
||||
const struct passwd *pwd;
|
||||
char **data;
|
||||
|
||||
pwd = getpwuid(uid);
|
||||
if (!pwd)
|
||||
return 0; /* How did that happen ? - we can't run */
|
||||
|
||||
lc = login_getpwclass(pwd);
|
||||
if (!lc)
|
||||
return 1; /* We're missing login.conf ? - we can run */
|
||||
|
||||
data = login_getcaplist(lc, "prog.allow", NULL);
|
||||
if (data)
|
||||
for (; *data; data++)
|
||||
if (!strcmp(*data, prog)) {
|
||||
login_close(lc);
|
||||
return 1; /* We're in prog.allow - we can run */
|
||||
}
|
||||
|
||||
data = login_getcaplist(lc, "prog.deny", NULL);
|
||||
if (data)
|
||||
for (; *data; data++)
|
||||
if (!strcmp(*data, prog)) {
|
||||
login_close(lc);
|
||||
return 0; /* We're in prog.deny - we can't run */
|
||||
}
|
||||
|
||||
login_close(lc);
|
||||
return 1; /* We're not mentioned anywhere - we can run */
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user