Re: Authentication-related information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2001-12-10 at 15:14, Kris Deugau wrote:
> I've got my app talking happily to PAM, but one of the things I'd like
> to do in the interests of security is for my software to drop all root
> priviledges as soon as it has authenticated the user.
> 
> However, it appears that there is no direct method to find out what the
> user's localhost UID is unless you know for sure what type of local
> authentication is used- which sort of defeats the whole point of PAM.

#include <pwd.h>

struct passwd *user;

user = getpwuid(geteuid());
printf("login = %s\n", user->pw_name);
...
printf("shell = %s\n", user->pw_shell);


The passwd structure is typically defined as this...

     struct passwd {
         char *pw_name;      /* user's login name */
         char *pw_passwd;    /* no longer used */
         uid_t pw_uid;       /* user's uid */
         gid_t pw_gid;       /* user's gid */
         char *pw_age;       /* not used */
         char *pw_comment;   /* not used */
         char *pw_gecos;     /* typically user's full name */
         char *pw_dir;       /* user's home dir */
         char *pw_shell;     /* user's login shell */
     };

Most modern implmentations will not have the password in the pw_passwd
field.  If a valid password is there, it is typically in hashed using
crypt(), or is an MD5 hash of the actual password.

Mike





[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux