From bfacca1f5e4fe3a4d90cb300c765a85d024358c9 Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Mon, 29 Oct 2012 22:10:16 -0700 Subject: Initial commit. --- .gitignore | 1 + Makefile | 7 +++++++ main.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 66 insertions(+) create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 main.c diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b78e996 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/insecuresuexec diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..43d9995 --- /dev/null +++ b/Makefile @@ -0,0 +1,7 @@ +insecuresuexec: main.c + clang -Wall -Werror -Os -o $@ $+ + +clean: + rm -f insecuresuexec + +.PHONY: clean diff --git a/main.c b/main.c new file mode 100644 index 0000000..7af7c55 --- /dev/null +++ b/main.c @@ -0,0 +1,58 @@ +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include + +int main( int argc, char *argv[] ) { + + if ( argc < 4 ) { + fprintf( stderr, "Usage: %s user group cmd [args..]\n", argv[0] ); + return 1; + }; + + char *user = argv[1]; + char *group = argv[2]; + char *cmd = argv[3]; + char **args = argv + 3; + + char *end; + unsigned long tmp; + + struct passwd *userpw; + struct group *grouppw; + + tmp = strtoul( user, &end, 10 ); + if ( end != user && ! *end ) { + userpw = getpwuid( tmp ); + } else { + userpw = getpwnam( user ); + }; + assert( userpw != NULL ); + + tmp = strtoul( group, &end, 10 ); + if ( end != user && ! *end ) { + grouppw = getgrgid( tmp ); + } else { + grouppw = getgrnam( group ); + }; + assert( grouppw != NULL ); + + if ( setgroups( 0, NULL ) != 0 ) + assert_perror( errno ); + + if ( setregid( grouppw->gr_gid, grouppw->gr_gid ) != 0 ) + assert_perror( errno ); + + if ( setreuid( userpw->pw_uid, userpw->pw_uid ) != 0 ) + assert_perror( errno ); + + execv( cmd, args ); + assert_perror( errno ); + +} -- cgit v1.2.3