Sam Varshavchik writes:
>
> Alessandro Vesely writes:
>
> > I think authtest might also be good as a generic configuration tool
> > as it delivers name, home directory, uid and gid of a given user.
> > (Suppose a configure script takes an option like [EMAIL PROTECTED]
> > for installing some data and scripts into a user directory; e.g. a mail robot.)
> > Re-packaging may be an occasion to review the permissions required to run it.
>
> No special permissions are needed for authtest. If it has permissions to
> connect to the filesystem socket, it's good to go.
>
I meant something like the (not tested) patch I paste below, if not changed
since 45.
--- authtest-4.5.c 2004-01-19 22:51:00.000000000 +0100
+++ authtest-allow.c 2004-09-23 16:00:24.728573000 +0200
@@ -50,6 +50,12 @@
return (0);
}
+static void not_allowed(char const*op)
+{
+ fprintf(stderr, "authtest: %s must be run as root\n", op);
+ exit(1);
+}
+
int main(int argc, char **argv)
{
int argn;
@@ -57,12 +63,7 @@
const char *module="";
int i;
char *p;
-
- if (getuid())
- {
- printf("I must be run as root!\n");
- exit(0);
- }
+int const not_root = getuid() != 0;
for (argn=1; argn<argc; argn++)
{
@@ -106,6 +107,9 @@
if (argc - argn > 2)
{
+ if (not_root)
+ not_allowed("changepwd");
+
if (authstaticmodulelist[i]->auth_changepwd == 0)
continue;
@@ -121,6 +125,9 @@
if (argc - argn > 1)
{
+ if (not_root)
+ not_allowed("login");
+
authdata=malloc(strlen(argv[argn])+strlen(argv[argn+1])+3);
if (!authdata)
{
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
