-rw-r--r-- | source3/web/cgi.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index 4bd24b72f1..b861b2d780 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -23,6 +23,7 @@
 #include "web/swat_proto.h"
 #include "intl/lang_tdb.h"
 #include "auth.h"
+#include "secrets.h"
 
 #define MAX_VARIABLES 10000
 
@@ -325,7 +326,24 @@ static void cgi_web_auth(void)
 exit(0);
 }
 
- setuid(0);
+ C_user = SMB_STRDUP(user);
+
+ if (!setuid(0)) {
+ C_pass = secrets_fetch_generic("root", "SWAT");
+ if (C_pass == NULL) {
+ char *tmp_pass = NULL;
+ tmp_pass = generate_random_password(talloc_tos(),
+ 16, 16);
+ if (tmp_pass == NULL) {
+ printf("%sFailed to create random nonce for "
+ "SWAT session\n<br>%s\n", head, tail);
+ exit(0);
+ }
+ secrets_store_generic("root", "SWAT", tmp_pass);
+ C_pass = SMB_STRDUP(tmp_pass);
+ TALLOC_FREE(tmp_pass);
+ }
+ }
 setuid(pwd->pw_uid);
 if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) {
 printf("%sFailed to become user %s - uid=%d/%d<br>%s\n", |
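Review bot: The return value of `secrets_store_generic("root", "SWAT", tmp_pass)` is ignored in the `C_pass == NULL` branch of the second hunk, so a failed write leaves this CGI process with a secret that was never persisted. The next request would then generate a different one, and anything derived from `C_pass` would presumably stop validating with no hint why. I would guard the call with `if (!secrets_store_generic("root", "SWAT", tmp_pass)) {` and fail with the same printf-and-`exit(0)` path used just above for the nonce-generation error. The fetch-then-store sequence also does not look atomic, so two concurrent first requests could each store a different value; a comment noting that assumption, or re-fetching after the store, would help. The body of cgi_web_auth starts and ends outside the hunk, so how `C_pass` is consumed when `setuid(0)` fails cannot be checked from here.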