planning comments

us.c

@@ -1,12 +1,12 @@
 #define _POSIX_C_SOURCE 200809L
 
+#include <sys/types.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <unistd.h>
-#include <errno.h>
 #include <string.h>
-#include <sys/types.h>
+#include <errno.h>
 #include <pwd.h>
+#include <unistd.h>
 #include <security/pam_appl.h>
 #include <security/pam_misc.h>
 
@@ -18,6 +18,7 @@ static struct pam_conv conv = {misc_conv, NULL};
 
 int main (int argc, char *argv[])
 {
+	// FIXME: change the default program to execute SHELL
 	if (argc < 2) {
 		usage();
 		exit(1);
@@ -57,6 +58,8 @@ int main (int argc, char *argv[])
 	}
 	// FIXME: check again for the validity of the login for more security
 	// as in: https://docs.oracle.com/cd/E19120-01/open.solaris/819-2145/pam-20/index.html
+	// FIXME: ^C [SIGINT] will interrupt this call possibly causing a
+	// vulnerability
 
 	pam_end(pamh, pam_err);
 	// TODO: clean up env
@@ -101,6 +104,14 @@ int main (int argc, char *argv[])
 
 static inline void usage (void)
 {
+	// TODO: planned options
+	// -a [program]: like sudo's askpass
+	// -u [user]: change the default user from root to user
+	// -g [group]: change the primary group to [gorup]
+	// 	both -a and -g will accept numbers with #[num] like sudo
+	// -c [file]: manually select config file
+	// something about environment
+	// something about non interactiveness
 	printf("usage: us [command]\n");
 }
 
@@ -116,9 +127,11 @@ static int perm_set (uid_t uid, gid_t gid)
 	// $ sudo id
 	// and check the output
 	int err = 0;
+	// FIXME: using setresuid() and setresgid() is preferred
 	if ((err = seteuid(uid)) == -1)
 		return err;
 	else if ((err = setegid(gid)) == -1)
 		return err;
+	// FIXME: to set the group list use initgroups()
 	return err;
 }