diff options
Diffstat (limited to 'main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch')
| -rw-r--r-- | main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch b/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch new file mode 100644 index 0000000000..bb0e1c64ce --- /dev/null +++ b/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch @@ -0,0 +1,76 @@ +From 0acd825122c5e2d1b2ba6a0d0f42960cefaafa88 Mon Sep 17 00:00:00 2001 +From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> +Date: Thu, 5 Nov 2015 16:27:36 +0200 +Subject: [PATCH 3003/3003] su: FEATURE_SU_NULLOK_SECURE + +When this feature is enabled, blank passwords are not accepted by su +unless the user is on a secure TTY defined in /etc/securetty. This +resembles the default PAM configuration of some Linux distros which +specify the nullok_secure option for pam_unix.so. +--- + loginutils/Config.src | 5 +++++ + loginutils/su.c | 13 ++++++++----- + 2 files changed, 13 insertions(+), 5 deletions(-) + +diff --git a/loginutils/Config.src b/loginutils/Config.src +index fa2b4f8..a150899 100644 +--- a/loginutils/Config.src ++++ b/loginutils/Config.src +@@ -311,6 +311,11 @@ config FEATURE_SU_CHECKS_SHELLS + depends on SU + default y + ++config FEATURE_SU_NULLOK_SECURE ++ bool "Disallow blank passwords from TTYs other than specified in /etc/securetty" ++ depends on SU ++ default n ++ + config SULOGIN + bool "sulogin" + default y +diff --git a/loginutils/su.c b/loginutils/su.c +index f812505..bd0cb35 100644 +--- a/loginutils/su.c ++++ b/loginutils/su.c +@@ -51,6 +51,7 @@ int su_main(int argc UNUSED_PARAM, char **argv) + struct passwd *pw; + uid_t cur_uid = getuid(); + const char *tty; ++ int allow_blank = 1; + #if ENABLE_FEATURE_UTMP + char user_buf[64]; + #endif +@@ -71,6 +72,12 @@ int su_main(int argc UNUSED_PARAM, char **argv) + argv++; + } + ++ tty = xmalloc_ttyname(STDIN_FILENO); ++ if (!tty) tty = "none"; ++ tty = skip_dev_pfx(tty); ++ ++ if (ENABLE_FEATURE_SU_NULLOK_SECURE) allow_blank = check_securetty(tty); ++ + if (ENABLE_FEATURE_SU_SYSLOG) { + /* The utmp entry (via getlogin) is probably the best way to + * identify the user, especially if someone su's from a su-shell. +@@ -84,16 +91,12 @@ int su_main(int argc UNUSED_PARAM, char **argv) + pw = getpwuid(cur_uid); + old_user = pw ? xstrdup(pw->pw_name) : ""; + } +- tty = xmalloc_ttyname(2); +- if (!tty) { +- tty = "none"; +- } + openlog(applet_name, 0, LOG_AUTH); + } + + pw = xgetpwnam(opt_username); + +- if (cur_uid == 0 || ask_and_check_password(pw) > 0) { ++ if (cur_uid == 0 || ask_and_check_password_extended(pw, 0, allow_blank, "Password: ") > 0) { + if (ENABLE_FEATURE_SU_SYSLOG) + syslog(LOG_NOTICE, "%c %s %s:%s", + '+', tty, old_user, opt_username); +-- +2.6.3 + |