login & su: Treat an empty passwd field as invalid (#315)
* login & su: Treat an empty passwd field as invalid Otherwise it's treated like the “require no password” clause while it probably should be treated like a normal su that can't validate anyway. A similar change should be done for USE_PAM. * su & login: Introduce PREVENT_NO_AUTH
This commit is contained in:
parent
697901a328
commit
b865e14f25
@ -458,3 +458,12 @@ USERGROUPS_ENAB yes
|
||||
# primary group.
|
||||
#
|
||||
#GRANT_AUX_GROUP_SUBIDS yes
|
||||
|
||||
#
|
||||
# Prevents an empty password field to be interpreted as "no authentication
|
||||
# required".
|
||||
# Set to "yes" to prevent for all accounts
|
||||
# Set to "superuser" to prevent for UID 0 / root (default)
|
||||
# Set to "no" to not prevent for any account (dangerous, historical default)
|
||||
|
||||
PREVENT_NO_AUTH superuser
|
||||
|
@ -164,6 +164,7 @@ static struct itemdef def_table[] = {
|
||||
#endif
|
||||
{"FORCE_SHADOW", NULL},
|
||||
{"GRANT_AUX_GROUP_SUBIDS", NULL},
|
||||
{"PREVENT_NO_AUTH", NULL},
|
||||
{NULL, NULL}
|
||||
};
|
||||
|
||||
|
13
src/login.c
13
src/login.c
@ -978,6 +978,19 @@ int main (int argc, char **argv)
|
||||
|| ('*' == user_passwd[0])) {
|
||||
failed = true;
|
||||
}
|
||||
|
||||
if (strcmp (user_passwd, "") == 0) {
|
||||
char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
|
||||
if(prevent_no_auth == NULL) {
|
||||
prevent_no_auth = "superuser";
|
||||
}
|
||||
if(strcmp(prevent_no_auth, "yes") == 0) {
|
||||
failed = true;
|
||||
} else if( (pwd->pw_uid == 0)
|
||||
&& (strcmp(prevent_no_auth, "superuser") == 0)) {
|
||||
failed = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {
|
||||
|
15
src/su.c
15
src/su.c
@ -505,6 +505,21 @@ static void check_perms_nopam (const struct passwd *pw)
|
||||
return;
|
||||
}
|
||||
|
||||
if (strcmp (pw->pw_passwd, "") == 0) {
|
||||
char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
|
||||
if(prevent_no_auth == NULL) {
|
||||
prevent_no_auth = "superuser";
|
||||
}
|
||||
if(strcmp(prevent_no_auth, "yes") == 0) {
|
||||
fprintf(stderr, _("Password field is empty, this is forbidden for all accounts.\n"));
|
||||
exit(1);
|
||||
} else if( (pw->pw_uid == 0)
|
||||
&& (strcmp(prevent_no_auth, "superuser") == 0)) {
|
||||
fprintf(stderr, _("Password field is empty, this is forbidden for super-user.\n"));
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* BSD systems only allow "wheel" to SU to root. USG systems don't,
|
||||
* so we make this a configurable option.
|
||||
|
Loading…
Reference in New Issue
Block a user