summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Blake Kongslie <jblake@jblake.org>2018-09-29 15:10:10 -0700
committerJulian Blake Kongslie <jblake@jblake.org>2018-09-29 15:10:10 -0700
commit6b745e0dc3a669640d7ec9b70b5d666c56dc6706 (patch)
treef912ec9c47f044c623868898aa924cb56c09e150
parent8a7677787479ad6d8aede4826987afa42bd1f122 (diff)
downloadinsecuresuexec-master.tar.gz
insecuresuexec-master.zip
Always treat commands as relative to the current working directory.HEADmaster
-rw-r--r--main.cc16
1 files changed, 12 insertions, 4 deletions
diff --git a/main.cc b/main.cc
index 8448f3f..fef5c54 100644
--- a/main.cc
+++ b/main.cc
@@ -283,12 +283,20 @@ int main( int argc, char *argv[] ) {
return 1;
};
+ char *cwd = getcwd( nullptr, 0 );
+ if ( not cwd )
+ assert_perror( errno );
+
char *user = argv[1];
char *group = argv[2];
- char *cmd = argv[3];
+ char *relcmd = argv[3];
char **args = argv + 3;
- DEBUG( "insecuresuexec user=%s group=%s cmd=%s\n", user, group, cmd );
+ std::string cmd = cwd;
+ cmd += '/';
+ cmd += relcmd;
+
+ DEBUG( "insecuresuexec user=%s group=%s cwd=%s cmd=%s\n", user, group, cwd, cmd.c_str() );
uid_t uid;
gid_t gid;
@@ -297,7 +305,7 @@ int main( int argc, char *argv[] ) {
bool did_override = false;
for ( auto i = override->begin( ); i != override->end( ); ++i ) {
- if ( i->match( cmd ) ) {
+ if ( i->match( cmd.c_str() ) ) {
DEBUG( " cmd matched, now uid=%u gid=%u\n", i->uid, i->gid );
@@ -351,7 +359,7 @@ int main( int argc, char *argv[] ) {
if ( setreuid( uid, uid ) != 0 )
assert_perror( errno );
- execv( cmd, args );
+ execv( cmd.c_str(), args );
assert_perror( errno );
}