stuart@gargoyle.UUCP (Stuart A. Kurtz) (09/12/85)
Here's a very simple C program which will protect your terminal
session from unauthorized use. It uses crypt(3) in conjunction
with /etc/passwd -- and requires you to type in the password
corresponding to the *login* user, located by getlogin(3).
I hereby place this in the public domain -- but I'd like a copy
of any improvements.
Stu
--------------------[cut here: no sig]--------------------
#!/bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #!/bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
# hold.c
# hold.l
# This archive created: Thu Sep 12 09:20:12 1985
# By: Stuart A. Kurtz (Dept. of Comp. Sci., The University of Chicago)
export PATH; PATH=/bin:$PATH
echo shar: extracting "'hold.c'" '(1870 characters)'
if test -f 'hold.c'
then
echo shar: over-writing existing file "'hold.c'"
fi
sed 's/^X//' << \SHAR_EOF > 'hold.c'
X/* hold.c -- temporarily disable unattended terminal.
X *
X * Written by Stuart A. Kurtz
X * The University of Chicago
X */
X
X#include <stdio.h>
X#include <pwd.h>
X#include <signal.h>
X#include <strings.h>
X
X#define bit(pos) (1 << (pos - 1))
X
X
XFILE
X *fopen();
X
Xvoid
X failsafe();
X
Xchar
X *getlogin(),
X *getpass(),
X *crypt(),
X *malloc();
X
Xchar
X *prompt_fmt = "Holding for %s -- ";
X
Xmain()
X{
X FILE *tty;
X
X struct passwd *pwent;
X
X char *prompt, /* Used to store prompt: Holding for <uname> -- */
X *pwbuf, /* Here's where we store the password */
X trial[10], /* We'll scarf passwd attempt in here, and */
X *trcy, /* put their encrypted version here */
X *uname; /* User name. */
X
X /* Initialize */
X
X failsafe((int) (tty = fopen("/dev/tty","w")),
X "Couldn't open tty\n",stderr);
X failsafe((int) (uname = getlogin()),
X "Login name unavailable!?\n",tty);
X failsafe((int) (pwent = getpwnam(uname)),
X "Password unavailable\n",tty);
X failsafe((int) (pwbuf = pwent->pw_passwd),
X "Null password?!\n",tty);
X failsafe((int) (prompt = malloc((unsigned) (strlen(prompt_fmt) +
X strlen(uname)))),
X "Malloc failed\n",tty);
X
X (void) sprintf(prompt,prompt_fmt,uname);
X
X /* Only three signals can be generated from the terminal, SIGINT, SIGQUIT,
X * and SIGTSTP. We'll only try to stop them. Note in particular, that
X * SIGALRM is *not* set. This is a feature.
X */
X
X (void) sigblock(bit(SIGINT) | bit(SIGQUIT) | bit(SIGTSTP));
X
X for (;;) {
X (void) strcpy (trial, getpass (prompt));
X trcy = crypt (trial, pwbuf);
X if (!strcmp (trcy, pwbuf))
X break;
X }
X}
X
X
Xvoid
Xfailsafe(condition,message,fp)
X int condition;
X char *message;
X FILE *fp;
X{
X if (condition)
X return;
X fprintf(fp,message);
X exit(1);
X}
SHAR_EOF
if test 1870 -ne "`wc -c 'hold.c'`"
then
echo shar: error transmitting "'hold.c'" '(should have been 1870 characters)'
fi
echo shar: extracting "'hold.l'" '(539 characters)'
if test -f 'hold.l'
then
echo shar: over-writing existing file "'hold.l'"
fi
sed 's/^X//' << \SHAR_EOF > 'hold.l'
X.TH HOLD local "10 September 1985"
X.SH NAME
Xhold \- temporarily disable an unattended terminal.
X.SH SYNOPSIS
X\fBhold\fP
X.SH DESCRIPTION
XThis program blocks the terminal generated signals SIGQUIT, SIGINT, and
XSIGTSTP until the user supplies the password of the \fIlogin\fP user
Xassociated with the terminal. The password prompt includes this user
Xname.
X.LP
XAlarm signals are not blocked. This is a feature.
X.LP
XOf course, this program does not protect the terminal from being physically
Xremoved, disconnected, etc.
X.SH SEE ALSO
Xpasswd(1)
SHAR_EOF
if test 539 -ne "`wc -c 'hold.l'`"
then
echo shar: error transmitting "'hold.l'" '(should have been 539 characters)'
fi
# End of shell archive
exit 0