From ff7a918b49ded28141288fa2877d8181a25be423 Mon Sep 17 00:00:00 2001 From: Mike Pritchard Date: Thu, 11 Apr 1996 05:30:18 +0000 Subject: Print some warnings if root invokes chpass and sets the shell to one of the following: - a non-existent file - a non-regular file - a file without any execute bits set The shell is still set to whatever they entered even if the above conditions exist (hey, it is the super user doing this after all :-), but this might give the admin. some warning that they are about to screw themselves and give them a chance to fix it before it is too late. Inspired by: some new FreeBSD user on USENET who set his root shell to a shell that doesn't exist and now can't gain access to root (don't worry, I sent him some mail on how to recover from this). --- chpass/field.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'chpass/field.c') diff --git a/chpass/field.c b/chpass/field.c index 6229e42..73fa479 100644 --- a/chpass/field.c +++ b/chpass/field.c @@ -36,6 +36,7 @@ static char sccsid[] = "@(#)field.c 8.4 (Berkeley) 4/2/94"; #endif /* not lint */ #include +#include #include #include @@ -242,6 +243,7 @@ p_shell(p, pw, ep) ENTRY *ep; { char *t, *ok_shell(); + struct stat sbuf; if (!*p) { pw->pw_shell = _PATH_BSHELL; @@ -264,5 +266,22 @@ p_shell(p, pw, ep) warnx("can't save entry"); return (1); } + if (stat(pw->pw_shell, &sbuf) < 0) { + if (errno == ENOENT) + warnx("WARNING: shell '%s' does not exist", + pw->pw_shell); + else + warn("WARNING: can't stat shell '%s'", pw->pw_shell); + return (0); + } + if (!S_ISREG(sbuf.st_mode)) { + warnx("WARNING: shell '%s' is not a regular file", + pw->pw_shell); + return (0); + } + if ((sbuf.st_mode & (S_IXOTH | S_IXGRP | S_IXUSR)) == 0) { + warnx("WARNING: shell '%s' is not executable", pw->pw_shell); + return (0); + } return (0); } -- cgit v1.2.3