passwd: Prompt for the current password before setting new password

This changes passwd to authenticate non-root users before prompting for new password.
author: brapru <brapru@pm.me> 2021-05-23 23:08:18 -0400
committer: Andreas Kling <kling@serenityos.org> 2021-06-17 19:54:38 +0200
commit: b0f8bccd08c8a9e3fdbcf1486575ffcd68803b3d (patch)
tree: 6a91b9374c49592cfa7ab98e66ac5d2830e7e707
parent: 96588adbd4e02f94a123b5b20cc7591ad5b23506 (diff)
download: serenity-b0f8bccd08c8a9e3fdbcf1486575ffcd68803b3d.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/Userland/Utilities/passwd.cpp b/Userland/Utilities/passwd.cpp
index 48df09c0c3..7ef5f59411 100644
--- a/Userland/Utilities/passwd.cpp
+++ b/Userland/Utilities/passwd.cpp
@@ -84,6 +84,19 @@ int main(int argc, char** argv)
     } else if (unlock) {
         target_account.set_password_enabled(true);
     } else {
+        if (current_uid != 0) {
+            auto current_password = Core::get_password("Current password: ");
+            if (current_password.is_error()) {
+                warnln("{}", current_password.error());
+                return 1;
+            }
+
+            if (!target_account.authenticate(current_password.value().characters())) {
+                warnln("Incorrect or disabled password.");
+                return 1;
+            }
+        }
+
         auto new_password = Core::get_password("New password: ");
         if (new_password.is_error()) {
             warnln("{}", new_password.error());
author	brapru <brapru@pm.me>	2021-05-23 23:08:18 -0400
committer	Andreas Kling <kling@serenityos.org>	2021-06-17 19:54:38 +0200
commit	b0f8bccd08c8a9e3fdbcf1486575ffcd68803b3d (patch)
tree	6a91b9374c49592cfa7ab98e66ac5d2830e7e707
parent	96588adbd4e02f94a123b5b20cc7591ad5b23506 (diff)
download	serenity-b0f8bccd08c8a9e3fdbcf1486575ffcd68803b3d.zip