login & su: Treat an empty passwd field as invalid (#315)
* login & su: Treat an empty passwd field as invalid Otherwise it's treated like the “require no password” clause while it probably should be treated like a normal su that can't validate anyway. A similar change should be done for USE_PAM. * su & login: Introduce PREVENT_NO_AUTH
This commit is contained in:
parent
697901a328
commit
b865e14f25
@ -458,3 +458,12 @@ USERGROUPS_ENAB yes
|
|||||||
# primary group.
|
# primary group.
|
||||||
#
|
#
|
||||||
#GRANT_AUX_GROUP_SUBIDS yes
|
#GRANT_AUX_GROUP_SUBIDS yes
|
||||||
|
|
||||||
|
#
|
||||||
|
# Prevents an empty password field to be interpreted as "no authentication
|
||||||
|
# required".
|
||||||
|
# Set to "yes" to prevent for all accounts
|
||||||
|
# Set to "superuser" to prevent for UID 0 / root (default)
|
||||||
|
# Set to "no" to not prevent for any account (dangerous, historical default)
|
||||||
|
|
||||||
|
PREVENT_NO_AUTH superuser
|
||||||
|
@ -164,6 +164,7 @@ static struct itemdef def_table[] = {
|
|||||||
#endif
|
#endif
|
||||||
{"FORCE_SHADOW", NULL},
|
{"FORCE_SHADOW", NULL},
|
||||||
{"GRANT_AUX_GROUP_SUBIDS", NULL},
|
{"GRANT_AUX_GROUP_SUBIDS", NULL},
|
||||||
|
{"PREVENT_NO_AUTH", NULL},
|
||||||
{NULL, NULL}
|
{NULL, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
13
src/login.c
13
src/login.c
@ -978,6 +978,19 @@ int main (int argc, char **argv)
|
|||||||
|| ('*' == user_passwd[0])) {
|
|| ('*' == user_passwd[0])) {
|
||||||
failed = true;
|
failed = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strcmp (user_passwd, "") == 0) {
|
||||||
|
char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
|
||||||
|
if(prevent_no_auth == NULL) {
|
||||||
|
prevent_no_auth = "superuser";
|
||||||
|
}
|
||||||
|
if(strcmp(prevent_no_auth, "yes") == 0) {
|
||||||
|
failed = true;
|
||||||
|
} else if( (pwd->pw_uid == 0)
|
||||||
|
&& (strcmp(prevent_no_auth, "superuser") == 0)) {
|
||||||
|
failed = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {
|
if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {
|
||||||
|
15
src/su.c
15
src/su.c
@ -505,6 +505,21 @@ static void check_perms_nopam (const struct passwd *pw)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strcmp (pw->pw_passwd, "") == 0) {
|
||||||
|
char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
|
||||||
|
if(prevent_no_auth == NULL) {
|
||||||
|
prevent_no_auth = "superuser";
|
||||||
|
}
|
||||||
|
if(strcmp(prevent_no_auth, "yes") == 0) {
|
||||||
|
fprintf(stderr, _("Password field is empty, this is forbidden for all accounts.\n"));
|
||||||
|
exit(1);
|
||||||
|
} else if( (pw->pw_uid == 0)
|
||||||
|
&& (strcmp(prevent_no_auth, "superuser") == 0)) {
|
||||||
|
fprintf(stderr, _("Password field is empty, this is forbidden for super-user.\n"));
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* BSD systems only allow "wheel" to SU to root. USG systems don't,
|
* BSD systems only allow "wheel" to SU to root. USG systems don't,
|
||||||
* so we make this a configurable option.
|
* so we make this a configurable option.
|
||||||
|
Loading…
x
Reference in New Issue
Block a user