RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 01:57:45 +00:00
Code Issues Activity Actions

LibCore+passwd+su+Base: Add /etc/shadow to hide hashes from users :^)

Browse source 
This patch moves the user account password hashes from /etc/passwd,
where they were world-readable, to /etc/shadow, where only root can
access them.

The Core::Account class is extended to support both authentication
against, and modification of /etc/shadow.

The default password for "anon" as of this commit is "foo" :^)
This commit is contained in:
Andreas Kling 2021-01-09 17:44:44 +01:00
parent c17056cf09
commit 9a688af4b1
6 changed files with 189 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Userland/su.cpp
View file

@ -50,7 +50,9 @@ int main(int argc, char** argv)
if (geteuid() != 0)
fprintf(stderr, "Not running as root :(\n");
auto account_or_error = (user) ? Core::Account::from_name(user) : Core::Account::from_uid(0);
auto account_or_error = (user)
? Core::Account::from_name(user, Core::Account::OpenPasswdFile::No, Core::Account::OpenShadowFile::ReadOnly)
: Core::Account::from_uid(0, Core::Account::OpenPasswdFile::No, Core::Account::OpenShadowFile::ReadOnly);
if (account_or_error.is_error()) {
fprintf(stderr, "Core::Account::from_name: %s\n", account_or_error.error().characters());
return 1;