]> git.saurik.com Git - apple/libc.git/blob - gen/authentication.c
Libc-391.1.21.tar.gz
[apple/libc.git] / gen / authentication.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 #include <sys/param.h>
24 #include <sys/time.h>
25 #include <sys/resource.h>
26 #include <err.h>
27 #include <errno.h>
28 #include <grp.h>
29 #include <paths.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <syslog.h>
34 #include <unistd.h>
35
36 #include "authentication.h"
37
38 int isAuthenticatedAsAdministrator(void)
39 {
40 if (isAuthenticatedAsRoot()) {
41 return 1;
42 }
43 // otherwise ...
44 return isAuthenticatedAsAdministratorForTask(0);
45 }
46
47 int isAuthenticatedAsAdministratorForTask(int taskNum)
48 {
49 int admin = 0;
50 uid_t ruid;
51
52 if (isAuthenticatedAsRoot()) {
53 return 1;
54 }
55
56 ruid = getuid();
57
58 if (ruid) {
59 gid_t groups[NGROUPS_MAX];
60 int numgroups;
61
62 /*
63 * Only allow those in group taskNum group (By default admin) to authenticate.
64 */
65 if ((numgroups = getgroups(NGROUPS_MAX, groups)) > 0) {
66 int i;
67 gid_t admingid = 0;
68 struct group *admingroup;
69
70 if ((admingroup = getgrnam(groupNameForTask(taskNum))) != NULL) {
71 admingid = admingroup->gr_gid;
72
73 for (i = 0; i < numgroups; i++) {
74 if (groups[i] == admingid) {
75 admin = 1;
76 break;
77 }
78 }
79 }
80
81 }
82 }
83 // otherwise
84 return admin;
85 }
86
87 int isAuthenticatedAsRoot(void)
88 {
89 if (getuid() == 0) {
90 return 1;
91 }
92 return 0;
93 }
94
95 char *groupNameForTask(int taskNum)
96 {
97 if (taskNum == 0)
98 return "admin";
99
100 return "admin";
101 }
102