int main(int argc, char **argv) { struct stat statb; gid_t egid = getegid(); uid_t euid = geteuid(); user_details(); /* Sanity check #1. This check should be made compile-time, but that's not possible. If you're sure that you specified a full path name for FULL_PATH, you can omit this check. */ if (FULL_PATH[0] != '/') { fprintf(stderr, "%s: %s is not a full path name\n", argv[0], FULL_PATH); fprintf(stderr, "You can only use this wrapper if you\n"); fprintf(stderr, "compile it with an absolute path.\n"); exit(1); } /* Sanity check #2. Check that the owner of the script is equal to either the effective uid or the super user. */ if (stat(FULL_PATH, &statb) < 0) { perror("stat"); exit(1); } if (statb.st_uid != 0 && statb.st_uid != euid) { fprintf(stderr, "%s: %s has the wrong owner\n", argv[0], FULL_PATH); fprintf(stderr, "The script should be owned by root,\n"); fprintf(stderr, "and shouldn't be writeable by anyone.\n"); exit(1); } if (setregid(egid, egid) < 0) perror("setregid"); if (setreuid(euid, euid) < 0) perror("setreuid"); clean_environ(); umask(UMASK); while (**argv == '-') /* don't let argv[0] start with '-' */ (*argv)++; execv(FULL_PATH, argv); fprintf(stderr, "%s: could not execute the script\n", argv[0]); exit(1); }
int main(int argc, char **argv) { int i; uid_t uid = getuid(); uid_t euid = geteuid(); char *argv_copy[argc + 5]; argv_copy[0] = basename(argv[0]); argv_copy[1] = "-O"; argv_copy[2] = "-E"; argv_copy[3] = MODULE_PATH; for(i = 1; i < argc; i++) { argv_copy[i + 3] = strdup(argv[i]); } argv_copy[i + 3] = NULL; if(uid != euid) { struct stat statb; /* Check that the owner of the script is equal to either the effective uid or the super user. */ if (stat(MODULE_PATH, &statb) < 0) { perror("stat"); exit(1); } if (statb.st_uid != 0 && statb.st_uid != euid) { fprintf(stderr, "%s: %s has the wrong owner\n", argv[0], MODULE_PATH); fprintf(stderr, "The module should be owned by root,\n"); fprintf(stderr, "and shouldn't be writeable by anyone.\n"); exit(1); } clean_environ(); } execv("/usr/bin/python", argv_copy); perror("execv"); }
char *bin_op_run(bot_t * bot, char *prog, char *options, char *input, dlist_t * dlist_node) { pid_t pid = 0; char buf[MAX_BUF_SZ + 1]; char *path = NULL; char *str = NULL, *ptr = NULL; dlist_t *dl_data = NULL, *dptr_data = NULL; memdup_t *mem = NULL; int argc = 0; char **argv = NULL; int pipefds1[2], pipefds2[2]; int n = 0, i = 0; debug(NULL, "bin_op_run: Entered: %s %s %s\n", prog, options, input); if (!bot || !_sNULL(prog)) return NULL; if (!str_apply_is(prog, isprog)) return NULL; if (!_sNULL(options)) options = ""; path = str_unite_static("%s/mods/mod_bin_files/%s %s", gi->confdir, prog, options); argv = tokenize_str2argv(path, &argc, 0); if (!argv) return NULL; for (i = 0; i < argc; i++) { debug(NULL, "bin_op_run: %i. %s\n", i, argv[i]); } clean_environ(); if (pipe(pipefds1) < 0) goto cleanup; if (pipe(pipefds2) < 0) goto cleanup; pid = bot_fork_clean(bot); if (pid < 0) goto cleanup; if (!pid) { pid = getpid(); close(0); close(1); close(2); close(pipefds2[0]); dup2(pipefds2[1], 1); dup2(pipefds2[1], 2); close(pipefds1[1]); close(0); dup2(pipefds1[0], 0); execve(argv[0], argv, environ); bot_fork_clean_exit(bot); return 0; } else { close(pipefds1[0]); close(pipefds2[1]); while (1) { bz(buf); n = read(pipefds2[0], buf, sizeof(buf) - 1); if (n <= 0) break; dlist_Dinsert_after(&dl_data, memdup(buf, n)); } } bz(bot->txt_data_in); strzero_bot(bot->txt_data_in); strlcat_bot(bot->txt_data_in, bot->txt_data_out); bot->txt_data_in_sz = strlen(bot->txt_data_in); dlist_fornext(dl_data, dptr_data) { if (!dptr_data) break; mem = (memdup_t *) dlist_data(dptr_data); if (!mem) continue; //memcpy_bot(bot->txt_data_in, mem->data, mem->len); strlcat_bot(bot->txt_data_in, mem->data); bot->txt_data_in_sz += mem->len; } if (dlist_node) { dlist_fornext(dlist_next(dlist_node), dptr_data) { ptr = (char *)dlist_data(dptr_data); charcat_bot(bot->txt_data_in, '|'); strlcat_bot(bot->txt_data_in, ptr); bot->txt_data_in_sz += strlen(ptr) + 1; } }