X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=loginutils%2Fsulogin.c;h=77eff9f8dc415b0395a4474c59eb17f1d54484a8;hb=9f5a577a3241597cb5e7ba9f6df33c2e3c440e44;hp=f1545b78fab2be38426de2da502eb9e8c3d38fbe;hpb=15ca51e3e2a31efc275b616106244d8ec3f8f773;p=oweals%2Fbusybox.git diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index f1545b78f..77eff9f8d 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c @@ -5,39 +5,20 @@ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. */ -#include - #include "libbb.h" +#include -static const char forbid[] ALIGN1 = - "ENV" "\0" - "BASH_ENV" "\0" - "HOME" "\0" - "IFS" "\0" - "PATH" "\0" - "SHELL" "\0" - "LD_LIBRARY_PATH" "\0" - "LD_PRELOAD" "\0" - "LD_TRACE_LOADED_OBJECTS" "\0" - "LD_BIND_NOW" "\0" - "LD_AOUT_LIBRARY_PATH" "\0" - "LD_AOUT_PRELOAD" "\0" - "LD_NOWARN" "\0" - "LD_KEEPDIR" "\0"; - -//static void catchalarm(int ATTRIBUTE_UNUSED junk) +//static void catchalarm(int UNUSED_PARAM junk) //{ // exit(EXIT_FAILURE); //} int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; -int sulogin_main(int argc, char **argv) +int sulogin_main(int argc UNUSED_PARAM, char **argv) { char *cp; int timeout = 0; - char *timeout_arg; - const char *p; struct passwd *pwd; const char *shell; #if ENABLE_FEATURE_SHADOWPASSWDS @@ -49,31 +30,28 @@ int sulogin_main(int argc, char **argv) logmode = LOGMODE_BOTH; openlog(applet_name, 0, LOG_AUTH); - if (getopt32(argv, "t:", &timeout_arg)) { - timeout = xatoi_u(timeout_arg); - } + opt_complementary = "t+"; /* -t N */ + getopt32(argv, "t:", &timeout); + argv += optind; - if (argv[optind]) { + if (argv[0]) { close(0); close(1); - dup(xopen(argv[optind], O_RDWR)); + dup(xopen(argv[0], O_RDWR)); close(2); dup(0); } + /* Malicious use like "sulogin /dev/sda"? */ if (!isatty(0) || !isatty(1) || !isatty(2)) { logmode = LOGMODE_SYSLOG; bb_error_msg_and_die("not a tty"); } - /* Clear out anything dangerous from the environment */ - p = forbid; - do { - unsetenv(p); - p += strlen(p) + 1; - } while (*p); + /* Clear dangerous stuff, set PATH */ + sanitize_env_if_suid(); -// bb_askpass() already handles this +// bb_ask() already handles this // signal(SIGALRM, catchalarm); pwd = getpwuid(0); @@ -95,8 +73,11 @@ int sulogin_main(int argc, char **argv) #endif while (1) { + char *encrypted; + int r; + /* cp points to a static buffer that is zeroed every time */ - cp = bb_askpass(timeout, + cp = bb_ask(STDIN_FILENO, timeout, "Give root password for system maintenance\n" "(or type Control-D for normal startup):"); @@ -104,7 +85,10 @@ int sulogin_main(int argc, char **argv) bb_info_msg("Normal startup"); return 0; } - if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) { + encrypted = pw_encrypt(cp, pwd->pw_passwd, 1); + r = strcmp(encrypted, pwd->pw_passwd); + free(encrypted); + if (r == 0) { break; } bb_do_delay(FAIL_DELAY); @@ -115,7 +99,7 @@ int sulogin_main(int argc, char **argv) bb_info_msg("System Maintenance Mode"); - USE_SELINUX(renew_current_security_context()); + IF_SELINUX(renew_current_security_context()); shell = getenv("SUSHELL"); if (!shell)