1 /*
2 * perm.c - check user permission for at(1)
3 * Copyright (C) 1994 Thomas Koenig
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. The name of the author(s) may not be used to endorse or promote
11 * products derived from this software without specific prior written
12 * permission.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 *
25 * $FreeBSD: src/usr.bin/at/perm.c,v 1.11 2001/12/02 12:26:18 markm Exp $
26 * $DragonFly: src/usr.bin/at/perm.c,v 1.5 2007/08/26 16:12:27 pavalos Exp $
27 */
28
29 /* System Headers */
30
31 #include <sys/types.h>
32 #include <err.h>
33 #include <errno.h>
34 #include <pwd.h>
35 #include <stddef.h>
36 #include <stdio.h>
37 #include <stdlib.h>
38 #include <string.h>
39 #include <unistd.h>
40
41 /* Local headers */
42
43 #include "at.h"
44 #include "perm.h"
45 #include "privs.h"
46
47 /* Macros */
48
49 #define MAXUSERID 10
50
51 /* Structures and unions */
52
53 /* Function declarations */
54
55 static int check_for_user(FILE *fp, const char *name);
56
57 /* Local functions */
58
59 static int
check_for_user(FILE * fp,const char * name)60 check_for_user(FILE *fp, const char *name)
61 {
62 char *buffer;
63 size_t len;
64 int found = 0;
65
66 len = strlen(name);
67 if ((buffer = malloc(len+2)) == NULL)
68 errx(EXIT_FAILURE, "virtual memory exhausted");
69
70 while(fgets(buffer, len+2, fp) != NULL)
71 {
72 if ((strncmp(name, buffer, len) == 0) &&
73 (buffer[len] == '\n'))
74 {
75 found = 1;
76 break;
77 }
78 }
79 fclose(fp);
80 free(buffer);
81 return found;
82 }
83
84 /* Global functions */
85 int
check_permission(void)86 check_permission(void)
87 {
88 FILE *fp;
89 uid_t uid = geteuid();
90 struct passwd *pentry;
91
92 if (uid==0)
93 return 1;
94
95 if ((pentry = getpwuid(uid)) == NULL)
96 err(EXIT_FAILURE, "cannot access user database");
97
98 PRIV_START
99
100 fp = fopen(PERM_PATH "at.allow","r");
101
102 PRIV_END
103
104 if (fp != NULL)
105 {
106 return check_for_user(fp, pentry->pw_name);
107 }
108 else if (errno == ENOENT)
109 {
110
111 PRIV_START
112
113 fp = fopen(PERM_PATH "at.deny", "r");
114
115 PRIV_END
116
117 if (fp != NULL)
118 {
119 return !check_for_user(fp, pentry->pw_name);
120 }
121 else if (errno != ENOENT)
122 warn("at.deny");
123 }
124 else
125 warn("at.allow");
126 return 0;
127 }
128