diff options
| author | Andreas Kling <kling@serenityos.org> | 2021-01-21 11:31:12 +0100 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2021-01-21 11:34:39 +0100 |
| commit | 3b80358142133edfb9060a360bbbec96a562f926 (patch) | |
| tree | 75749c4477798a68cd8d1cbcc41ce9a40651a562 /Userland | |
| parent | 439f447ba8be1a5cc2e0fbb9afd8dcaf519e5109 (diff) | |
| download | serenity-3b80358142133edfb9060a360bbbec96a562f926.zip | |
LibCore: Always fail Account authentication on missing shadow entry
If a user is missing from /etc/shadow, we used to just allow anyone to
authenticate as that user without a password.
With this patch, authentication will instead always fail.
Diffstat (limited to 'Userland')
| -rw-r--r-- | Userland/Libraries/LibCore/Account.cpp | 6 | ||||
| -rw-r--r-- | Userland/Libraries/LibCore/Account.h | 7 |
2 files changed, 9 insertions, 4 deletions
diff --git a/Userland/Libraries/LibCore/Account.cpp b/Userland/Libraries/LibCore/Account.cpp index 04981b7cc9..5a71b1e053 100644 --- a/Userland/Libraries/LibCore/Account.cpp +++ b/Userland/Libraries/LibCore/Account.cpp @@ -102,6 +102,10 @@ Result<Account, String> Account::from_uid(uid_t uid) bool Account::authenticate(const char* password) const { + // If there was no shadow entry for this account, authentication always fails. + if (m_password_hash.is_null()) + return false; + // An empty passwd field indicates that no password is required to log in. if (m_password_hash.is_empty()) return true; @@ -206,7 +210,7 @@ void Account::load_shadow_file() auto line = shadow_file->read_line(); if (line.is_null()) break; - auto parts = line.split(':'); + auto parts = line.split(':', true); if (parts.size() != 2) { dbgln("Malformed shadow entry, ignoring."); continue; diff --git a/Userland/Libraries/LibCore/Account.h b/Userland/Libraries/LibCore/Account.h index 433d3c4926..e50aaaa3ba 100644 --- a/Userland/Libraries/LibCore/Account.h +++ b/Userland/Libraries/LibCore/Account.h @@ -51,7 +51,10 @@ public: void set_password(const char* password); void set_password_enabled(bool enabled); void delete_password(); - bool has_password() const { return !m_password_hash.is_empty(); } + + // A null password means that this account was missing from /etc/shadow. + // It's considered to have a password in that case, and authentication will always fail. + bool has_password() const { return !m_password_hash.is_empty() || m_password_hash.is_null(); } uid_t uid() const { return m_uid; } gid_t gid() const { return m_gid; } @@ -73,8 +76,6 @@ private: String m_username; - // Contents of passwd field in passwd entry. - // Can be empty, "x", or contain a leading '!' String m_password_hash; uid_t m_uid { 0 }; gid_t m_gid { 0 }; |