Bugfix from Hyejin Kim: su should not prompt root user for new user's password.

author: Rob Landley <rob@landley.net> 2015-05-14 13:48:55 -0500
committer: Rob Landley <rob@landley.net> 2015-05-14 13:48:55 -0500
commit: 20019be7c8667b70ff68692b24029aed2c857639 (patch)
tree: 30f37c18907d1269b5b349b258ab55a2c7466768 /toys/lsb/su.c
parent: 5b2644cafc8a619b617ba0fbb5473667dbd634ba (diff)
download: toybox-20019be7c8667b70ff68692b24029aed2c857639.tar.gz
1 files changed, 7 insertions, 5 deletions
diff --git a/toys/lsb/su.c b/toys/lsb/su.c
index 616541b9..612daef1 100644
--- a/toys/lsb/su.c
+++ b/toys/lsb/su.c
@@ -54,11 +54,13 @@ void su_main()
   else name = "root";
 
   if (!(shp = getspnam(name))) perror_exit("no '%s'", name);
-  if (*shp->sp_pwdp != '$') goto deny;
-  if (read_password(toybuf, sizeof(toybuf), "Password: ")) goto deny;
-  passhash = crypt(toybuf, shp->sp_pwdp);
-  memset(toybuf, 0, sizeof(toybuf));
-  if (!passhash || strcmp(passhash, shp->sp_pwdp)) goto deny;
+  if (getuid()) {
+    if (*shp->sp_pwdp != '$') goto deny;
+    if (read_password(toybuf, sizeof(toybuf), "Password: ")) goto deny;
+    passhash = crypt(toybuf, shp->sp_pwdp);
+    memset(toybuf, 0, sizeof(toybuf));
+    if (!passhash || strcmp(passhash, shp->sp_pwdp)) goto deny;
+  }
 
   up = xgetpwnam(name);
   xsetuser(up);
author	Rob Landley <rob@landley.net>	2015-05-14 13:48:55 -0500
committer	Rob Landley <rob@landley.net>	2015-05-14 13:48:55 -0500
commit	20019be7c8667b70ff68692b24029aed2c857639 (patch)
tree	30f37c18907d1269b5b349b258ab55a2c7466768 /toys/lsb/su.c
parent	5b2644cafc8a619b617ba0fbb5473667dbd634ba (diff)
download	toybox-20019be7c8667b70ff68692b24029aed2c857639.tar.gz