d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add full support for determining if a user

Browse Source 
is restricted from running a given program.
This commit is contained in:
Brian Somers 1997-08-27 20:06:20 +00:00
parent bc151cdc8c
commit fbbe016b64
5 changed files with 101 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/libutil/Makefile
View File

@ -7,10 +7,10 @@ CFLAGS+=-Wall -DLIBC_SCCS -I${.CURDIR} -I${.CURDIR}/../../sys
#CFLAGS+=LOGIN_CAP_AUTH #CFLAGS+=LOGIN_CAP_AUTH
SRCS= login.c login_tty.c logout.c logwtmp.c pty.c setproctitle.c \ SRCS= login.c login_tty.c logout.c logwtmp.c pty.c setproctitle.c \
login_cap.c login_class.c login_auth.c login_times.c login_ok.c \ login_cap.c login_class.c login_auth.c login_times.c login_ok.c \
_secure_path.c uucplock.c _secure_path.c uucplock.c login_progok.c
MAN3+= login.3 login_tty.3 logout.3 logwtmp.3 pty.3 setproctitle.3 \ MAN3+= login.3 login_tty.3 logout.3 logwtmp.3 pty.3 setproctitle.3 \
login_cap.3 login_class.3 login_times.3 login_ok.3 \ login_cap.3 login_class.3 login_times.3 login_ok.3 \
_secure_path.3 uucplock.3 _secure_path.3 uucplock.3 login_progok.3
MAN5+= login.conf.5 MAN5+= login.conf.5
MLINKS+= pty.3 openpty.3 pty.3 forkpty.3 MLINKS+= pty.3 openpty.3 pty.3 forkpty.3
MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \ MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \

3
lib/libutil/libutil.h
View File

@ -18,7 +18,7 @@
* 5. Modifications may be freely made to this file providing the above * 5. Modifications may be freely made to this file providing the above
* conditions are met. * conditions are met.
* *
* $Id: libutil.h,v 1.9 1997/05/19 10:04:15 peter Exp $ * $Id: libutil.h,v 1.10 1997/08/10 18:42:38 ache Exp $
*/ */
#ifndef _LIBUTIL_H_ #ifndef _LIBUTIL_H_
@ -45,6 +45,7 @@ const char *uu_lockerr __P((int _uu_lockresult));
int uu_lock __P((const char *_ttyname)); int uu_lock __P((const char *_ttyname));
int uu_unlock __P((const char *_ttyname)); int uu_unlock __P((const char *_ttyname));
int _secure_path __P((const char *_path, uid_t _uid, gid_t _gid)); int _secure_path __P((const char *_path, uid_t _uid, gid_t _gid));
int login_progok __P((uid_t _uid, const char *prog));
__END_DECLS __END_DECLS
#define UU_LOCK_INUSE (1) #define UU_LOCK_INUSE (1)

8
lib/libutil/login.conf.5
View File

@ -17,7 +17,7 @@
.\" 5. Modifications may be freely made to this file providing the above .\" 5. Modifications may be freely made to this file providing the above
.\" conditions are met. .\" conditions are met.
.\" .\"
.\" $Id: login.conf.5,v 1.9 1997/05/22 07:02:01 tg Exp $ .\" $Id: login.conf.5,v 1.10 1997/08/26 23:15:57 brian Exp $
.\" .\"
.Dd November 22, 1996 .Dd November 22, 1996
.Dt LOGIN.CONF 5 .Dt LOGIN.CONF 5
@ -217,6 +217,9 @@ disallowed.
in the class may use for access. in the class may use for access.
.It tty.deny list List of ttys and ttygroups which users .It tty.deny list List of ttys and ttygroups which users
in the class may not use for access. in the class may not use for access.
.It prog.allow list List of programs which users in the class
may run irrespective of the contents of prog.deny. Support for this option
must be built into each program.
.It prog.deny list List of programs which users in the class .It prog.deny list List of programs which users in the class
may not run. Support for this option must be built into each program. may not run. Support for this option must be built into each program.
.El .El
@ -363,4 +366,5 @@ lists.
.Xr getttyent 3 , .Xr getttyent 3 ,
.Xr login_cap 3 , .Xr login_cap 3 ,
.Xr login_class 3 , .Xr login_class 3 ,
.Xr ttys 5 .Xr ttys 5 ,
.Xr login_progok 3

52
lib/libutil/login_progok.3 Normal file
View File

@ -0,0 +1,52 @@
.\"
.\" $Id: login_ok.3,v 1.4 1997/02/22 15:08:22 peter Exp $
.\"
.Dd August 27, 1997
.Os FreeBSD
.Dt LOGIN_PROGOK 3
.Sh NAME
.Nm login_progok
.Nd Check if the given program may be run.
.Sh SYNOPSIS
.Fd #include <sys/types.h>
.Fd #include <libutil.h>
.Ft int
.Fn login_progok "uid_t uid" "const char *prog"
.Pp
Link with
.Va -lutil
on the
.Xr cc 1
command line.
.Sh DESCRIPTION
This function determines if the user has permission to run the given
program, returning zero if permission is denied and one if permission
is granted. It should be used by programs that are setuid or for some
reason cannot be easily rebuilt or modified by an ordinary user, allowing
the system administrator to restrict access to certain programs in a
generic fashion.
.Pp
Access to a program is granted by default. In order to deny access,
the users login class entry in
.Xr login.conf 5
must be set with a
.Em prog.deny
capability that contains the program name. Most programs will use an
absolute path name to avoid conflicts. No special matching is done. The
passed
.Ar prog
must match a list entry in
.Xr login.conf 5
exactly.
.Pp
The
.Em prog.allow
capability will override the
.Em prog.deny
capability, granting access to the program. This allows flexability in
setting up a hierarchical login class structure.
.Pp
.Sh RETURN VALUES
The function returns 1 if the program may be run and 0 if it may not.
.Sh SEE ALSO
.Xr login.conf 5

39
lib/libutil/login_progok.c Normal file
View File

@ -0,0 +1,39 @@
#include <sys/types.h>
#include <login_cap.h>
#include <pwd.h>
#include <string.h>
int
login_progok(uid_t uid, const char *prog)
{
login_cap_t *lc;
const struct passwd *pwd;
char **data;
pwd = getpwuid(uid);
if (!pwd)
return 0; /* How did that happen ? - we can't run */
lc = login_getpwclass(pwd);
if (!lc)
return 1; /* We're missing login.conf ? - we can run */
data = login_getcaplist(lc, "prog.allow", NULL);
if (data)
for (; *data; data++)
if (!strcmp(*data, prog)) {
login_close(lc);
return 1; /* We're in prog.allow - we can run */
}
data = login_getcaplist(lc, "prog.deny", NULL);
if (data)
for (; *data; data++)
if (!strcmp(*data, prog)) {
login_close(lc);
return 0; /* We're in prog.deny - we can't run */
}
login_close(lc);
return 1; /* We're not mentioned anywhere - we can run */
}