1/* 2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23#include <sys/param.h> 24#include <sys/time.h> 25#include <sys/resource.h> 26#include <err.h> 27#include <errno.h> 28#include <grp.h> 29#include <paths.h> 30#include <stdio.h> 31#include <stdlib.h> 32#include <string.h> 33#include <syslog.h> 34#include <unistd.h> 35 36#include "authentication.h" 37 38int isAuthenticatedAsAdministrator(void) 39{ 40 if (isAuthenticatedAsRoot()) { 41 return 1; 42 } 43 // otherwise ... 44 return isAuthenticatedAsAdministratorForTask(0); 45} 46 47int isAuthenticatedAsAdministratorForTask(int taskNum) 48{ 49 int admin = 0; 50 uid_t ruid; 51 52 if (isAuthenticatedAsRoot()) { 53 return 1; 54 } 55 56 ruid = getuid(); 57 58 if (ruid) { 59 gid_t groups[NGROUPS_MAX]; 60 int numgroups; 61 62 /* 63 * Only allow those in group taskNum group (By default admin) to authenticate. 64 */ 65 if ((numgroups = getgroups(NGROUPS_MAX, groups)) > 0) { 66 int i; 67 gid_t admingid = 0; 68 struct group *admingroup; 69 70 if ((admingroup = getgrnam(groupNameForTask(taskNum))) != NULL) { 71 admingid = admingroup->gr_gid; 72 73 for (i = 0; i < numgroups; i++) { 74 if (groups[i] == admingid) { 75 admin = 1; 76 break; 77 } 78 } 79 } 80 81 } 82 } 83 // otherwise 84 return admin; 85} 86 87int isAuthenticatedAsRoot(void) 88{ 89 if (getuid() == 0) { 90 return 1; 91 } 92 return 0; 93} 94 95char *groupNameForTask(int taskNum) 96{ 97 if (taskNum == 0) 98 return "admin"; 99 100 return "admin"; 101} 102 103