root login anywhere patch
Keith Brown
keithb at reed.UUCP
Sat Apr 29 11:31:14 AEST 1989
Enclosed is the patch which allows Micrport 3.0U3.0e root (and its aliases)
to login from any terminal. Needless to say, it has advantages and drawbacks.
What it actually does is move the restriction from UID 0 to UID 99 (or some
other number in the #define) in the login program.
X /*
X This program will modify Microport 3.0U3.0e 80386 UNIX /bin/login program
X to allow root or root-equivalents such as sysadm to log onto the system
X from any port, not just /dev/console. The program does this by changing
X the 'restricted' account to UID number 99. If, perchance, you wish to
X limit some things on your system to be only used/run/accessable from the
X console, set up an account with UID of 99. Login will force that user
X to only access the system from the console. This program is distributed
X only in C source code form. To compile: cc login.fix.c then execute
X a.out to modify /bin/login. You must be root to execute the program.
X */
X
X#include <stdio.h>
X
X /*
X set to 0 to restore root-only-on-console protection,
X set to a value less than 128 (signed char) to protect that account,
X set to 255 to disable protection (no UID can be == -1).
X */
X#define PROTECTED_UID 99
X
Xunsigned char olddata[10] = {
X 0x83, 0x78, 0x08, 0, /* cmpl $0x0, 0x8(%eax) */
X 0x0f, 0x85, 0x2b, 0, 0, 0 /* jne +0x2b <0c54> */
X};
X
Xmain()
X{
X int i, c, prev_uid;
X FILE *fp;
X
X if((fp=fopen("/bin/login","r+"))==0) {
X perror("login.fix");
X exit(1);
X }
X system("cp /bin/login /bin/login.old"); /* just in case */
X
X /* first confirm same issue */
X fseek(fp,(long)0xc1f,0);
X for(i=0; i<10; i++) {
X c=fgetc(fp);
X if(i==3)
X prev_uid=c;
X else if( c!=olddata[i]) {
X fprintf(stderr,
X "Your version of login doesn't match patch at byte %d.\n",i);
X exit(1);
X }
X }
X
X /* now do the fix */
X fseek(fp,(long)0xc22,0);
X fputc(PROTECTED_UID,fp);
X fclose(fp);
X
X fprintf(stderr,"/bin/login now patched to restrict UID number %d from %d.\n",
X PROTECTED_UID, prev_uid);
X return 0;
X}
X
--
Keith Brown
UUCP: {decvax allegra ucbcad ucbvax hplabs}!tektronix!reed!keithb
BITNET: keith at reed.BITNET ARPA: keithb%reed.bitnet at cunyvm.cuny.edu
CSNET: reed!keithb at Tektronix.CSNET CIS: 72615,216
More information about the Comp.unix.microport
mailing list