- if (strcmp(user, "root") == 0) {
- /*
- * Read the "/.suok" file for list of people who can su.
- */
- if ((pwd = getpwuid(getuid())) == NULL) {
- fprintf(stderr, "Who are you?\n");
- exit(1);
- }
- if ((fp = fopen("/.suok", "r")) != NULL) {
- while ((fgets(buf, sizeof(buf), fp)) != NULL) {
- /* blast newline */
- buf[strlen(buf) - 1] = '\0';
- if (strcmp(pwd->pw_name, buf) == 0) {
- fclose(fp);
+ if ((pwd = getpwuid(getuid())) == NULL) {
+ fprintf(stderr, "Who are you?\n");
+ exit(1);
+ }
+ strcpy(buf, pwd->pw_name);
+ if ((pwd = getpwnam(user)) == NULL) {
+ fprintf(stderr, "Unknown login: %s\n", user);
+ exit(1);
+ }
+ /*
+ * Only allow those in group zero to su to root.
+ */
+ if (pwd->pw_uid == 0) {
+ struct group *gr;
+ int i;
+
+ if ((gr = getgrgid(0)) != NULL) {
+ for (i = 0; gr->gr_mem[i] != NULL; i++)
+ if (strcmp(buf, gr->gr_mem[i]) == 0)