File 0002-root_only_auth.patch of Package sblim-sfcb
From 6458c05b58be2e39f0fb39815514671fa4f490a1 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Wed, 22 Oct 2008 10:27:14 +0200
Subject: [PATCH] root_only_auth.patch
---
sfcBasicPAMAuthentication.c | 20 ++++++++++++++++++++
1 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/sfcBasicPAMAuthentication.c b/sfcBasicPAMAuthentication.c
index c03e34d..de4786b 100644
--- a/sfcBasicPAMAuthentication.c
+++ b/sfcBasicPAMAuthentication.c
@@ -23,6 +23,10 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <pwd.h>
+
#include <security/pam_appl.h>
@@ -58,7 +62,23 @@ static int _sfcBasicAuthenticateRemote(char *user, char *pw, char *rhost)
};
pam_handle_t *pamh = NULL;
int rc, retval;
+
+ struct passwd pwdbuf;
+ struct passwd* pwdbufp;
+ int buflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+ char buf[buflen];
+ // Only allow root user to log in
+ rc = getpwnam_r(user, &pwdbuf, buf, buflen, &pwdbufp);
+ if (rc != 0) {
+ return 0;
+ }
+ if (pwdbufp == NULL) {
+ return 0;
+ }
+ if (pwdbufp->pw_uid != 0) {
+ return 0;
+ }
rc = pam_start(SFCB_PAM_APP, user, &sfcConvStruct, & pamh);
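Review bot: `sysconf(_SC_GETPW_R_SIZE_MAX)` may return -1 when the limit is indeterminate, and the added code uses the result unchecked both as the size of the variable-length array `buf` and as the `getpwnam_r` buffer length, which is undefined behaviour in code that runs before `pam_start`. Keep the value as a `long` and fall back to a fixed size, for example `long buflen = sysconf(_SC_GETPW_R_SIZE_MAX);` followed by `if (buflen <= 0) buflen = 1024;`. A too-small buffer (ERANGE) already fails closed through the `rc != 0` return. The comment says "root user" but the test is `pw_uid != 0`, so any account mapped to UID 0 passes; if that is intended, the comment should read `// Only allow accounts with UID 0 to log in`. `_sfcBasicAuthenticateRemote` begins and ends outside the hunk, so whether the three silent `return 0` paths are logged by the caller cannot be seen from here.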
--
1.6.0.2