On Mon, 2001-12-10 at 15:14, Kris Deugau wrote:
> I've got my app talking happily to PAM, but one of the things I'd like
> to do in the interests of security is for my software to drop all root
> priviledges as soon as it has authenticated the user.
>
> However, it appears that there is no direct method to find out what the
> user's localhost UID is unless you know for sure what type of local
> authentication is used- which sort of defeats the whole point of PAM.
#include <pwd.h>
struct passwd *user;
user = getpwuid(geteuid());
printf("login = %s\n", user->pw_name);
...
printf("shell = %s\n", user->pw_shell);
The passwd structure is typically defined as this...
struct passwd {
char *pw_name; /* user's login name */
char *pw_passwd; /* no longer used */
uid_t pw_uid; /* user's uid */
gid_t pw_gid; /* user's gid */
char *pw_age; /* not used */
char *pw_comment; /* not used */
char *pw_gecos; /* typically user's full name */
char *pw_dir; /* user's home dir */
char *pw_shell; /* user's login shell */
};
Most modern implmentations will not have the password in the pw_passwd
field. If a valid password is there, it is typically in hashed using
crypt(), or is an MD5 hash of the actual password.
Mike
