int main(int argc, char **argv) {
    char *mod;
    int i;
    int inserting = 0;
    char **exec_argv;

    if(geteuid() != 0) {
        fprintf(stderr, "module_helper is not setuid root\n");
        return 1;
    }
    /* drop root privs temporarily */
    seteuid(getuid());

    if(argc < 3) error(argc, argv);
    if(strcmp(argv[1], "insert") && strcmp(argv[1], "remove")) error(argc, argv);
    exec_argv = malloc(argc * sizeof(char *));

    if(!strcmp(argv[1], "insert"))
        inserting = 1;

    mod = argv[2];

    if(inserting) {
        check_whitelist_module_path(mod, argc, argv);

        exec_argv[0] = "/sbin/insmod";
        exec_argv[1] = mod;

        for(i=3; i<argc; i++) {
            exec_argv[i-1] = argv[i];
        }
        exec_argv[argc-1] = NULL;
    } else {
        check_whitelist_module(mod, argc, argv);
        exec_argv[0] = "/sbin/rmmod";
        exec_argv[1] = mod;
        exec_argv[2] = NULL;
    }

    /* reinstate root privs */
    seteuid(0);
    execve(exec_argv[0], exec_argv, NULL);

    perror("execv failed");
    return 1;
}
Exemple #2
0
int main(int argc, char **argv) {
    char *mod;
    int i;
    int inserting = 0;
    int res;
    struct utsname u;
    char buf[4096];
    char **exec_argv;

    if(geteuid() != 0) {
        fprintf(stderr, "module_helper is not setuid root\n");
        return 1;
    }
    /* drop root privs temporarily */
    res = seteuid(getuid());
    if(res != 0)
    {
        perror("seteuid");
        return 1;
    }

    res = uname(&u);
    if(res != 0)
    {
        perror("uname");
        return 1;
    }

    res = snprintf(buf, sizeof(buf), "/usr/realtime-%s/modules", u.release);
    if(res < 0 || res >= sizeof(buf))
    {
        perror("snprintf");
        return 1;
    }
    path_whitelist[2] = buf;

    if(argc < 3) error(argc, argv);
    if(strcmp(argv[1], "insert") && strcmp(argv[1], "remove")) error(argc, argv);
    exec_argv = malloc(argc * sizeof(char *));

    if(!strcmp(argv[1], "insert"))
        inserting = 1;

    mod = argv[2];

    if(inserting) {
        check_whitelist_module_path(mod, argc, argv);

        exec_argv[0] = "/sbin/insmod";
        exec_argv[1] = mod;

        for(i=3; i<argc; i++) {
            exec_argv[i-1] = argv[i];
        }
        exec_argv[argc-1] = NULL;
    } else {
        check_whitelist_module(mod, argc, argv);
        exec_argv[0] = "/sbin/rmmod";
        exec_argv[1] = mod;
        exec_argv[2] = NULL;
    }

    /* reinstate root privs */
    res = seteuid(0);
    if(res != 0)
    {
        perror("seteuid");
        return 1;
    }

    execve(exec_argv[0], exec_argv, NULL);

    perror("execv failed");
    return 1;
}