/* checkshadow.c   by Michael Thorpe   2000-01-10 */

/*****************************************************************************
 *                                                                           *
 *    Simple program to tell if users are in /etc/shadow.                    *
 *                                                                           *
 *    Will be installed suid-root, for obvious reasons.                      *
 *                                                                           *
 *    Can you spot the security problem?                                     *
 *                                                                           *
 *  HINT:                                                                    *
 *    Knowing if a user is in /etc/shadow or not isn't a security problem,   *
 *    because anyone in /etc/shadow will be in /etc/passwd. However, if      *
 *    someone can get at the encrypted passwords, they can go crack them...  * 
 *                                                                           *
 *  DISCLAIMER:                                                              *
 *    We ignore for the moment races caused by other programs changing       *
 *    /etc/shadow under us - this is just an example, not a robust program   *
 *                                                                           *
 *****************************************************************************/

#include <stdio.h>
#include <ctype.h>

#define SHADOW "/etc/shadow"
#define BIG 2044

int main(int argc,char **argv) {
   FILE *f;
   int i;
   char s[80];
   char t[BIG+4];

   if(argc>1) {
      printf("usage: checkshadow     (Check if users are in %s)\n",SHADOW);
      return(1);
   }
   if(0==(f=fopen(SHADOW,"r"))) {          /* Open /etc/shadow              */
      fprintf(stderr,"Couldn't open %s!\n",SHADOW);
      return(-1);
   }
   while(s==fgets(s,75,stdin)) {           /* For each line of stdin...     */
      for(i=0;i<75 && !isspace(s[i]);i++)  /* Clean it up...                */
         ;
      s[i]='\0';
      fseek(f,0,SEEK_SET);                 /* We can safely ignore an error */
      while(t==fgets(t,BIG,f)) {           /* For each line in shadow...    */
         for(i=0;i<BIG && s[i];i++)        /* ...compare the strings...     */
            if(s[i] != t[i] || t[i]==':')  /* ...don't compare on colons    */
               break;
         if(s[i]=='\0' && t[i]==':') {     /* If we got to the end of s...  */
            printf("%s is a user!\n",s);   /* ...then we must've matched... */
            i=-1;                          /* ...so we set i to -1...       */
            break;                         /* ...and we needn't check more  */
         }
      }
      if(i != -1)                          /* If i wasn't set to -1...      */
         printf("%s isn't a user.\n",s);   /* ...we must not have matched   */
   }

   return(0);
}