Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: root privileges
Top Forums Programming root privileges Post 89716 by blowtorch on Tuesday 15th of November 2005 09:52:18 AM
Old 11-15-2005
See the man page of getpwent/getpwnam. The structure that these system calls return also has the encrypted password. Your program can use this to validate the password that the user enters and then go ahead with a 'setuid' call. Once this is one, you are running with root privs.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. Solaris

sshd (openssh) on SunOS without root privileges

Hi, I've just managed to install openssh in my home directory on a server I have access to by using --prefix=$HOME/local after ./configure. Another thing I was having trouble with without root access was privilege separation, so I disabled that in my sshd_config. However, when I run... (10 Replies)
Discussion started by: sayeo
10 Replies

3. UNIX for Dummies Questions & Answers

root privileges

Hello, As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>" But how can I do to give the same rights to another physical user without using root user ? :confused: I've try to create another user "toor" with the same primary... (4 Replies)
Discussion started by: madmat
4 Replies

4. Linux

grant root privileges to ordinary user

Hi, Is it possible to grant root privileges to an ordinary user? Other than 'sudo', is there some way under Users/Groups configuration? I want ordinary user to be able to mount, umount and use command mt. /Brendan (4 Replies)
Discussion started by: brendan76
4 Replies

5. Shell Programming and Scripting

Python: Bind to port 80 as root, then drop privileges?

I have written a small web server in Python, and now I would like to run it on port 80, but in order to be able to bind to a port below 1024 I need to have root privileges. I don't want to run the server as root, though. How can I bind to port 80 as root and then drop root privileges? Thankful... (0 Replies)
Discussion started by: Ilja
0 Replies

6. Shell Programming and Scripting

Privileges like root

My English is no very good. I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password. In Spanish: Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
Discussion started by: kitievbr
1 Replies

7. Solaris

Gaining root privileges

Hello I am a new (and only) administrator of a Solaris 10 environment. The previous admin gave me a use (say user123) that is supposed to have administrative privileges. Now the problem is, the user does not have this privilege! Here is what i tried so far: $ id uid=109(user123) gid=1(other)... (3 Replies)
Discussion started by: abohmeed
3 Replies

8. HP-UX

User with root privileges in hp ux

hi, i am new in hp ux and i must create a user with root privileges and so i disable ssh connection from root login. thanks.. (6 Replies)
Discussion started by: eliste
6 Replies

9. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

10. Infrastructure Monitoring

Monitoring tools that do NOT require root privileges

Hi guys, I am currently managing an application running on around 150 servers. I only have application usage rights on those servers and do not have any root privileges. I have an external node that can connect to those servers and I have root privileges on that one box. I want to setup... (2 Replies)
Discussion started by: Junaid Subhani
2 Replies

LEARN ABOUT BSD

getpwuid

GETPWENT(3)						     Library Functions Manual						       GETPWENT(3)

NAME

       getpwent, getpwnam, getpwuid, setpassent, setpwfile, setpwent, endpwent - get password file entries

SYNOPSIS

       #include <sys/types.h>
       #include <pwd.h>

       struct passwd *getpwent()

       struct passwd *getpwnam(login)
       char *login;

       struct passwd *getpwuid(uid)
       uid_t uid;

       int setpassent(stayopen)
       int stayopen;

       void setpwfile(file)
       char *file;

       int setpwent()

       void endpwent()

DESCRIPTION

       Getpwent,  getpwuid,  and  getpwnam  each  return a pointer to a structure containing the broken-out fields of a line in the password file.
       This structure is defined by the include file <pwd.h>, and contains the following fields:

	      struct passwd {
		   char *pw_name;	    /* user name */
		   char *pw_passwd;	    /* encrypted password */
		   uid_t     pw_uid;	    /* user uid */
		   gid_t     pw_gid;	    /* user gid */
		   time_t    pw_change;     /* password change time */
		   char *pw_class;	    /* user access class */
		   char *pw_gecos;	    /* Honeywell login info */
		   char *pw_dir;	    /* home directory */
		   char *pw_shell;	    /* default shell */
		   time_t    pw_expire;     /* account expiration */
	      };

       These fields are more completely described in passwd(5).

       Getpwnam and getpwuid search the password database for a matching user name or user uid, respectively, returning the first one encountered.
       Identical user names or user uids may result in undefined behavior.

       Getpwent sequentially reads the password database and is intended for programs that wish to step through the complete list of users.

       All three routines will open the password file for reading, if necessary.

       Setpwfile changes the default password file to file, thus allowing the use of alternate password files.

       Setpassent  opens  the  file  or  rewinds it if it is already open.  If stayopen is non-zero, file descriptors are left open, significantly
       speeding up subsequent calls.  This functionality is unnecessary for getpwent as it doesn't close its  file  descriptors  by  default.	It
       should  also  be  noted	that  it  is  dangerous for long-running programs to use this functionality as the password file may be updated by
       chpass(1), passwd(1), or vipw(8).

       Setpwent is identical to setpassent with an argument of zero.

       Endpwent closes any open files.

       These routines have been written to ``shadow'' the password file, e.g.  allow only certain programs to have access to the  encrypted  pass-
       word.  This is done by using the mkpasswd(8) program, which creates ndbm(3) databases that correspond to the password file, with the single
       exception that, rather than storing the encrypted password in the database, it stores the offset in the password file where  the  encrypted
       password may be found.  Getpwent, getpwnam, and getpwuid will use the ndbm files in preference to the ``real'' password files, only reading
       the password file itself, to obtain the encrypted password, if the process is running with an effective user id equivalent  to  super-user.
       If  the	password  file	itself	is  protected, and the ndbm files are not, this makes the password available only to programs running with
       super-user privileges.

FILES

       /etc/passwd

SEE ALSO

       getlogin(3), getgrent(3), ndbm(3), passwd(5)

DIAGNOSTICS

       The routines getpwent, getpwnam, and getpwuid, return a null pointer on EOF or error.  Setpassent and setpwent return 0 on failure and 1 on
       success.  Endpwent and setpwfile have no return value.

BUGS

       All information is contained in a static buffer which is overwritten by each new call.  It must be copied elsewhere to be retained.

       Intermixing  calls to getpwent with calls to getpwnam or getpwuid, or intermixing calls to getpwnam and getpwuid, after using setpassent to
       require that file descriptors be left open, may result in undefined behavior.

       The routines getpwent, endpwent, setpassent, and setpwent are fairly useless in a networked environment and should be avoided, if possible.

7th Edition							 February 23, 1989						       GETPWENT(3)
All times are GMT -4. The time now is 09:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy