Get root access thro program

Shekarbabu · 05-23-2005, 09:24 AM

Hi,
I want to write a simple C program which works similar to su command in Linux, i.e. my program should prompt user to enter root password and should get him the root access if he enters root password correctly.

TruckStuff · 05-23-2005, 10:48 AM

whats wrong with sudo?

Shekarbabu · 05-24-2005, 04:36 AM

Actually before executing my application I need to explicitly ask user to enter root password, I don’t know the procedure to compare the password entered by user with the actual root password, also if the comparison is success I don’t know how to grant the root privileges to that user.
I think all systems use shadowed passwords, which means the root password is encrypted with a one-way algorithm and stored in the password file. Is there any system call or API through which we can pass the password as argument on success comparison grant the root privilege?

Poetics · 05-24-2005, 05:31 AM

Basically you're doing an "su -" in the middle of a program execution then?

Shekarbabu · 05-25-2005, 02:29 AM

If i do su in my program i.e system("su"); i think after typing password it wont execute the next line of the program after su command until i do exit from the new shell.
Eg:
main()
{
system("su");
printf("after su");
}
out put:
password:
[root@localhost shekar]#exit
after su
[shekar@localhost shekar]$

Note: if i don't do exit above then my program will never continue executing.
I want my program to run continuously without any interrupt. Here before exit i am root i can do what ever i want, but after exit i cant. I want to know the technique to compare the shadowed password and grant the root privileges to user.

Nathanael · 06-08-2005, 05:09 AM

Quote:

I want to know the technique to compare the shadowed password and grant the root privileges to user.

md5...?
that is to compare the shadowed password

but i think you will make your sys even more vulnerable with that prog... !
but you could write it to use 'su' and let su execute a 2nd part of your app (splitting your c app into 2 parts, one run by the user, the other called by 'su -c <path-to-app>'
adding commandline params will give you the option of continuing whatever has been started - or by saving stuff to a temporary file!)

and whatever you do, test it well - let others test it - make sure every user entry is exactly what you want... and make sure you have no space for somebody using your app in a negative way... make it secure