Index: /trunk/src/VBox/Runtime/Makefile.kmk =================================================================== --- /trunk/src/VBox/Runtime/Makefile.kmk (revision 29581) +++ /trunk/src/VBox/Runtime/Makefile.kmk (revision 29582) @@ -1060,4 +1060,6 @@ VBoxRT_LIBS += lzo2 endif +VBoxRT_LIBS.linux = \ + crypt VBoxRT_LIBS.darwin = \ iconv Index: /trunk/src/VBox/Runtime/r3/posix/process-posix.cpp =================================================================== --- /trunk/src/VBox/Runtime/r3/posix/process-posix.cpp (revision 29581) +++ /trunk/src/VBox/Runtime/r3/posix/process-posix.cpp (revision 29582) @@ -39,4 +39,8 @@ #include #include +#if defined(RT_OS_LINUX) +# include +# include +#endif #if defined(RT_OS_LINUX) || defined(RT_OS_OS2) # define HAVE_POSIX_SPAWN 1 @@ -61,4 +65,43 @@ #include "internal/process.h" + +/** + * Check the credentials and return the gid/uid of user. + * + * @param pszUser username + * @param pszPasswd password + * @param gid where to store the GID of the user + * @param uid where to store the UID of the user + * @returns IPRT status code + */ +static int rtCheckCredentials(const char *pszUser, const char *pszPasswd, gid_t *gid, uid_t *uid) +{ +#if defined(RT_OS_LINUX) + struct passwd *pw; + + pw = getpwnam(pszUser); + if (!pw) + return VERR_PERMISSION_DENIED; + + if (!pszPasswd) + pszPasswd = ""; + + struct spwd *spwd; + /* works only if /etc/shadow is accessible */ + spwd = getspnam(pszUser); + if (spwd) + pw->pw_passwd = spwd->sp_pwdp; + + char *pszEncPasswd = crypt(pszPasswd, pw->pw_passwd); + if (strcmp(pszEncPasswd, pw->pw_passwd)) + return VERR_PERMISSION_DENIED; + + *gid = pw->pw_gid; + *uid = pw->pw_uid; + return VINF_SUCCESS; +#else + return VERR_PERMISSION_DENIED; +#endif +} @@ -148,6 +191,7 @@ if (pszAsUser) { - AssertMsgFailed(("Implement get uid by name lookup\n")); - return VERR_NOT_IMPLEMENTED; + rc = rtCheckCredentials(pszAsUser, pszPassword, &gid, &uid); + if (RT_FAILURE(rc)) + return rc; }