有人在这个程序中看到任何问题吗 [英] Does anyone see any problem in this program
本文介绍了有人在这个程序中看到任何问题吗的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
After not getting an answer I liked for this question about chroot, I went and rolled my own solution:
#include <unistd.h>
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>
extern char **environ;
int main(int argc, char** argv, char** envp) {
char* path = "/";
char* name = "nobody";
char* exe = "/bin/false";
struct passwd *pass;
if(argc < 4) { printf("Need more args: username chroot exe args...\n"); return 1; }
name = argv[1];
path = argv[2];
exe = argv[3];
if(!(pass = getpwnam(name))) { printf("Unknown user %s", name); return 2; }
if(chroot(path)) {
if(errno == EPERM) { printf("chroot not allowed\n"); return 3; }
printf("chroot failed\n");
return 4;
}
chdir("/");
if(setgid(pass->pw_gid)) { printf("setgid failed: %d\n", pass->pw_gid); return 5; }
if(setuid(pass->pw_uid)) { printf("setuid failed: %d\n", pass->pw_uid); return 6; }
environ = envp;
execvp(exe, argv + 3);
printf("exec of %s failed\n", exe);
return 7;
}
有人能看到其中的任何错误吗?(甚至更好的是,知道使它冗余的工具)?
Does anyone see any bugs in that (or even better, know of a tool that makes it redundant)?
推荐答案
- 如果仍然覆盖默认值,为什么还要将默认值分配给
path
,name
,exe
? - 您不应从
main()
内部返回负值.它使实际的返回值不清楚,因为POSIX仅使用它的8个最低有效位(即-1
返回为255
等). - 您不应该依赖
getuid()
;chroot()
也可以使用CAP_SYS_CHROOT
功能.相反,您可以尝试chroot()
并检查errno == EPERM
. -
chroot()
不会更改当前工作目录;我想您也应该致电chdir()
. -
environ = envp
分配的确切作用是什么?好像很黑. - 无论如何,您都可以添加更好的错误报告.
- Why do you assign defaults to
path
,name
,exe
, if you overwrite them anyway? - You should not return negative values from within
main()
. It makes the actual return value unclear, as POSIX uses only the 8 least significant bits of it (i.e.-1
is returned as255
, etc.). - You shouldn't rely on
getuid()
;chroot()
would workCAP_SYS_CHROOT
capability too. Instead, you could try tochroot()
and check iferrno == EPERM
. chroot()
doesn't change the current working directory; I think you should callchdir()
too.- What does
environ = envp
assignment exactly do? It seems hacky. - In any case, you could add better error reporting.
最后, chrootuid 可能是您正在寻找的工具
And finally, chrootuid is probably the tool you were looking for.
这篇关于有人在这个程序中看到任何问题吗的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文