From b0f8bccd08c8a9e3fdbcf1486575ffcd68803b3d Mon Sep 17 00:00:00 2001
From: brapru <brapru@pm.me>
Date: Sun, 23 May 2021 23:08:18 -0400
Subject: passwd: Prompt for the current password before setting new password

This changes passwd to authenticate non-root users before prompting for
new password.
---
 Userland/Utilities/passwd.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/Userland/Utilities/passwd.cpp b/Userland/Utilities/passwd.cpp
index 48df09c0c3..7ef5f59411 100644
--- a/Userland/Utilities/passwd.cpp
+++ b/Userland/Utilities/passwd.cpp
@@ -84,6 +84,19 @@ int main(int argc, char** argv)
     } else if (unlock) {
         target_account.set_password_enabled(true);
     } else {
+        if (current_uid != 0) {
+            auto current_password = Core::get_password("Current password: ");
+            if (current_password.is_error()) {
+                warnln("{}", current_password.error());
+                return 1;
+            }
+
+            if (!target_account.authenticate(current_password.value().characters())) {
+                warnln("Incorrect or disabled password.");
+                return 1;
+            }
+        }
+
         auto new_password = Core::get_password("New password: ");
         if (new_password.is_error()) {
             warnln("{}", new_password.error());
-- 
cgit v1.2.3