-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathauth_common.c
More file actions
43 lines (36 loc) · 939 Bytes
/
auth_common.c
File metadata and controls
43 lines (36 loc) · 939 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#include "auth_common.h"
// Check if the current user belongs to the suex group
int user_in_suex_group(void)
{
// Get the suex group ID
struct group *suex_group = getgrnam(SUEX_GROUP);
if (!suex_group) {
// Group doesn't exist, consider this a failure
return 0;
}
gid_t suex_gid = suex_group->gr_gid;
// Get current user info
uid_t uid = getuid();
// If we're already root, we don't need to check group membership
if (uid == 0) {
return 1;
}
// Get user group memberships
gid_t groups[MAX_GROUPS];
int ngroups = MAX_GROUPS;
struct passwd *pw = getpwuid(uid);
if (!pw) {
return 0; // Can't get user info
}
if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups) < 0) {
fprintf(stderr,
"Warning: Too many groups, may not validate all group memberships\n");
}
// Check if user is in the suex group
for (int i = 0; i < ngroups; i++) {
if (groups[i] == suex_gid) {
return 1;
}
}
return 0;
}