From: FRIGN Date: Sun, 11 Sep 2016 21:17:53 +0000 (+0200) Subject: Stop using $USER for shadow entries X-Git-Url: https://git.danieliu.xyz/?a=commitdiff_plain;h=dc2e8e839e4d72f5fec36c9a0474e6062a7a8f51;p=slock.git Stop using $USER for shadow entries This was extremely bad practice, effectively making the program behave different depending on which architecture you are running it on. OpenBSD offers getpwuid_shadow, but there is no getspuid for getspnam, so we resort to using the pw_name entry in the struct passwd we filled earlier. This prevents slock from crashing when $USER is empty (easy to do). If you want to run slock as a different user, don't use $ USER="tom" slock but doas or sudo which were designed for this purpose. --- diff --git a/slock.c b/slock.c index f799174..6dedc69 100644 --- a/slock.c +++ b/slock.c @@ -103,14 +103,14 @@ gethash(void) #if HAVE_SHADOW_H if (hash[0] == 'x' && hash[1] == '\0') { struct spwd *sp; - if (!(sp = getspnam(getenv("USER")))) + if (!(sp = getspnam(pw->pw_name))) die("slock: getspnam: cannot retrieve shadow entry (make sure to suid or sgid slock)\n"); hash = sp->sp_pwdp; } #else if (hash[0] == '*' && hash[1] == '\0') { #ifdef __OpenBSD__ - if (!(pw = getpwnam_shadow(getenv("USER")))) + if (!(pw = getpwuid_shadow(getuid()))) die("slock: getpwnam_shadow: cannot retrieve shadow entry (make sure to suid or sgid slock)\n"); hash = pw->pw_passwd; #else