summaryrefslogtreecommitdiff
path: root/utils
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2015-07-30 14:52:23 (GMT)
committerChristian Pointner <equinox@spreadspace.org>2015-07-30 14:52:23 (GMT)
commitd1dd85bddc09b38c01404b847b9dc1985152b3fb (patch)
treea8b15e272ef9e5bb7aa707f12f4663b62ae2ffc9 /utils
parent2b3d623828f84a01afa7a07cb240f73095e85941 (diff)
improved priv check for get-rd-token
Diffstat (limited to 'utils')
-rwxr-xr-xutils/get-rd-token25
-rwxr-xr-xutils/get-rd-week2
2 files changed, 17 insertions, 10 deletions
diff --git a/utils/get-rd-token b/utils/get-rd-token
index 1a59f21..ff014c0 100755
--- a/utils/get-rd-token
+++ b/utils/get-rd-token
@@ -23,24 +23,31 @@
use strict;
use RHRD::rddb;
-# this is ridiculous but makes it a little harder to find user passwords...
-if ($> != 0 ) {
- print STDERR "this must be run as root!\n";
- exit 1;
-}
-
my $num_args = $#ARGV + 1;
-if ($num_args != 1) {
+
+if($num_args > 1) {
print STDERR "Usage: get-rd-token <username>\n";
exit 1;
}
-my $username=$ARGV[0];
+my $requsername=$ARGV[0];
+my $pwusername = getpwuid($>);
+
+# this is ridiculous but makes it a little harder to find user passwords...
+if($num_args == 1) {
+ unless($> == 0 || $pwusername eq $requsername) {
+ print STDERR "this must be run as root or as the user whos token is requested!\n";
+ exit 1;
+ }
+} else {
+ $requsername = $pwusername;
+}
+
my $token='';
my ($dbh, undef, $errorstring) = RHRD::rddb::opendb();
if(defined $dbh) {
- ($token, undef, $errorstring) = RHRD::rddb::get_token($dbh, $username);
+ ($token, undef, $errorstring) = RHRD::rddb::get_token($dbh, $requsername);
unless($token) {
print STDERR "$errorstring\n";
exit 1;
diff --git a/utils/get-rd-week b/utils/get-rd-week
index 041e822..c6dd0ab 100755
--- a/utils/get-rd-week
+++ b/utils/get-rd-week
@@ -23,4 +23,4 @@
use strict;
use RHRD::utils;
-print RHRD::utils::get_rd_week() . "\n"; \ No newline at end of file
+print RHRD::utils::get_rd_week() . "\n";