1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
/*
Copyright (C) 2011 ABRT Team
Copyright (C) 2011 RedHat inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <unistd.h>
#include <string.h>
// TODO: honor configure --prefix here:
#define EXECUTABLE "/usr/bin/abrt-action-install-debuginfo.py"
static void error_msg_and_die(const char *msg, const char *arg)
{
write(2, msg, strlen(msg));
if (arg)
{
write(2, " '", 2);
write(2, msg, strlen(msg));
write(2, "'", 1);
}
write(2, "\n", 1);
exit(1);
}
/* A binary wrapper is needed around python scripts if we want
* to run them in sgid/suid mode.
*
* This is such a wrapper.
*/
int main(int argc, char **argv)
{
/*
* We disallow passing of arguments which point to writable dirs.
* This way, the script will always use default arguments.
*/
char **pp = argv;
char *arg;
while ((arg = *++pp) != NULL)
{
if (strncmp(arg, "--cache", 7) == 0)
error_msg_and_die("bad option", arg);
if (strncmp(arg, "--tmpdir", 8) == 0)
error_msg_and_die("bad option", arg);
}
/* We use full path, and execv instead of execvp in order to
* disallow user to execute his own abrt-action-install-debuginfo.py
* in his dir by setting up corresponding malicious $PATH.
*/
execv(EXECUTABLE, argv);
error_msg_and_die("Can't execute", EXECUTABLE);
}
|