user_is_exempt() is no longer a hack, it now uses getgrnam()

author Todd C. Miller <Todd.Miller@courtesan.com>

Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)
diff --git a/check.c b/check.c

index e9b438a50337d71f3af09f481d6f00d41d20fcc3..4e9d2bb374c7b099f8724fa32296a3ecc8aa0ac0 100644 (file)
--- a/check.c
+++ b/check.c
@@ -62,8 +62,9 @@ static char rcsid[] = "$Id$";
  #include <sys/file.h>
  #include <netinet/in.h>
  #include <pwd.h>
+#include <grp.h>
  #include "sudo.h"
-#include "options.h"
+#include <options.h>
  #include "insults.h"
  #ifdef SHADOW_TYPE
  #  if (SHADOW_TYPE == SPW_SVR4)
@@ -171,16 +172,26 @@ void check_user()
   *
   *  user_is_exempt()
   *
- *  this function checks the user is exempt from supplying a password
- *  XXX - should check more that just real gid via getgrnam.
+ *  this function checks the user is exempt from supplying a password.
   */
  
  int user_is_exempt()
  {
  #ifdef EXEMPTGROUP
-    return((getgid() == EXEMPTGROUP));
+    struct group *grp;
+    char **gr_mem;
+
+    if ((grp = getgrnam(EXEMPTGROUP)) == NULL)
+       return(FALSE);
+
+    for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
+       if (strcmp(user, *gr_mem) == 0)
+           return(TRUE);
+    }
+
+    return(FALSE);
  #else
-    return(0);
+    return(FALSE);
  #endif
  }
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Mon, 13 Nov 1995 05:15:37 +0000 (05:15 +0000)