GIT.Harvie.CZ
/
mirrors
/
pam-ftpfuck.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
99cd20f
)
First experimental version of pam_ftpfuck
author
Harvie
<tomas@mudrunka.cz>
Sat, 3 Dec 2011 05:43:21 +0000
(06:43 +0100)
committer
Harvie
<tomas@mudrunka.cz>
Sat, 3 Dec 2011 05:43:21 +0000
(06:43 +0100)
src/mypam.c
patch
|
blob
|
blame
|
history
diff --git
a/src/mypam.c
b/src/mypam.c
index 31b32472ebddd1e6870cdc86de654955c34a5281..3bccdfdd673ec0ba7a802369e8701f96857fc2e2 100644
(file)
--- a/
src/mypam.c
+++ b/
src/mypam.c
@@
-1,35
+1,29
@@
+//Harvie 2o11 - Warning: Not bulletproof yet!
+#define ENV_PREFIX "JAIL_"
+#define DEFAULT_JAIL "/var/ssh-chroot"
+
#include <stdio.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdlib.h>
-#include <string.h>
-#include <security/pam_appl.h>
-#include <security/pam_modules.h>
-
-/* expected hook */
-PAM_EXTERN int pam_sm_setcred( pam_handle_t *pamh, int flags, int argc, const char **argv ) {
- return PAM_SUCCESS;
-}
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
- printf("Acct mgmt\n");
- return PAM_SUCCESS;
-}
-
-/* expected hook, this is where custom stuff happens */
-PAM_EXTERN int pam_sm_authenticate( pam_handle_t *pamh, int flags,int argc, const char **argv ) {
- int retval;
+#define PAM_SM_SESSION
+#include <security/pam_modules.h>
- const char* pUsername;
- retval = pam_get_user(pamh, &pUsername, "Username: ");
+PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+ const char* user;
+ pam_get_user(pamh, &user, "login: ");
+ //printf("Welcome %s\n", user);
- printf("Welcome %s\n", pUsername);
+ setenv(ENV_PREFIX "USER", user, 1);
+ setenv(ENV_PREFIX "DIR", DEFAULT_JAIL, 1);
+ if(argc > 0) setenv(ENV_PREFIX "DIR", argv[0], 1);
- if (retval != PAM_SUCCESS) {
- return retval;
- }
- if (strcmp(pUsername, "backdoor") != 0) {
- return PAM_AUTH_ERR;
- }
+ //system("echo start $HOME; echo a && true && echo b && false && echo c");
+ setuid(0); setgid(0);
+ system("mkdir -p \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"");
+ system("chown root:root \"$JAIL_DIR/$JAIL_USER\"");
+ system("chown \"$JAIL_USER:$JAIL_USER\" \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"");
+ system("mountpoint -q \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\" || mount -o bind \"$HOME\" \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"");
- return PAM_SUCCESS;
+ return PAM_SUCCESS;
//PAM_SESSION_ERR | PAM_SUCCESS
}
}
This page took
0.142617 seconds
and
4
git commands to generate.