问题
After not getting an answer I liked for this question about chroot, I went and rolled my own solution:
#include <unistd.h>
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>
extern char **environ;
int main(int argc, char** argv, char** envp) {
char* path = "/";
char* name = "nobody";
char* exe = "/bin/false";
struct passwd *pass;
if(argc < 4) { printf("Need more args: username chroot exe args...\n"); return 1; }
name = argv[1];
path = argv[2];
exe = argv[3];
if(!(pass = getpwnam(name))) { printf("Unknown user %s", name); return 2; }
if(chroot(path)) {
if(errno == EPERM) { printf("chroot not allowed\n"); return 3; }
printf("chroot failed\n");
return 4;
}
chdir("/");
if(setgid(pass->pw_gid)) { printf("setgid failed: %d\n", pass->pw_gid); return 5; }
if(setuid(pass->pw_uid)) { printf("setuid failed: %d\n", pass->pw_uid); return 6; }
environ = envp;
execvp(exe, argv + 3);
printf("exec of %s failed\n", exe);
return 7;
}
Does anyone see any bugs in that (or even better, know of a tool that makes it redundant)?
回答1:
- Why do you assign defaults to
path,name,exe, if you overwrite them anyway? - You should not return negative values from within
main(). It makes the actual return value unclear, as POSIX uses only the 8 least significant bits of it (i.e.-1is returned as255, etc.). - You shouldn't rely on
getuid();chroot()would workCAP_SYS_CHROOTcapability too. Instead, you could try tochroot()and check iferrno == EPERM. chroot()doesn't change the current working directory; I think you should callchdir()too.- What does
environ = envpassignment exactly do? It seems hacky. - In any case, you could add better error reporting.
And finally, chrootuid is probably the tool you were looking for.
来源:https://stackoverflow.com/questions/3756610/does-anyone-see-any-problem-in-this-program