/************************************************** ***
*** chrexec.c ***
*This shit can be called from root or from any user (in that case the executable
 * should have 06755 permissions). In general it should chroot and exec the program
 * specified in the command-line parameters, but it doesn't.
* ************************************************** **/
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <string.h>
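/*
 * VALIDATE(f, err): evaluate f once; if the result is -1, print err followed
 * by the errno text via perror() and terminate the process with exit(-1).
 *
 * The argument is parenthesized so that an expression containing a
 * lower-precedence operator (e.g. a ?: expression) is compared as a whole.
 * The expansion is a bare if-block rather than do { } while (0), so use it
 * only as a statement of its own, never as the unbraced body of an if/else.
 */
#define VALIDATE(f,err) \
if ((f) == -1)\
{\
perror(err);\
exit (-1);\
}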
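/*
 * chrexec entry point: dump the arguments, become root, chroot into the
 * current directory, list it, drop back to the caller's IDs and exec argv[1]
 * with the remaining arguments.
 *
 * NOTE(security): the file header says this binary is meant to be installed
 * setuid/setgid (mode 06755). In that setup any local user decides which
 * directory becomes "/", so every file a privileged program later reads under
 * the new root is caller-controlled. That is the reason chroot(2) is normally
 * reserved for root; restrict who may execute this helper, or pin the target
 * directory, before deploying it.
 */
int main(int args, char *argv[])
{
    int i;

    for (i = 0; i < args; i++) {
        fprintf(stderr, "param %02d: %s\n", i, argv[i]);
    }

    /* Refuse to touch privileges without a program to run; otherwise
     * argv[1] is NULL and would be handed to execv() below. */
    if (args < 2) {
        fprintf(stderr, "usage: %s program [args...]\n",
                args > 0 ? argv[0] : "chrexec");
        exit(-1);
    }

    /* Real IDs of the caller, restored before the exec. */
    uid_t initialUID = getuid();
    gid_t initialGID = getgid();
    fprintf(stderr, "initial UID: %d initial GID: %d\n",
            (int)initialUID, (int)initialGID);

    /* chroot() needs root; setuid(0) only succeeds when started by root or
     * when the binary is setuid-root. */
    VALIDATE(setuid(0), "setuid");
    VALIDATE(setgid(0), "setgid");

    fprintf(stderr, "chrooting to .\n");
    VALIDATE(chroot("."), "chroot");
    /* chroot() does not change the working directory; move inside the new
     * root so relative paths cannot resolve outside it. */
    VALIDATE(chdir("/"), "chdir");

    DIR *curr = opendir(".");
    if (!curr) {
        perror("opendir");
        exit(-1);
    }

    struct dirent *dir;
    fprintf(stderr, "Files in \".\":\n");
    while ((dir = readdir(curr)) != NULL) {
        fprintf(stderr, ">> %s\n", dir->d_name);
    }
    fprintf(stderr, "No more files in \".\"\n");
    /* Do not leave the directory stream open across the exec. */
    closedir(curr);

    /* Drop the group first: once the UID is no longer 0, setgid() would be
     * refused. */
    VALIDATE(setgid(initialGID), "setgid");
    VALIDATE(setuid(initialUID), "setuid");

    /* A drop that can be undone is not a drop: regaining root must fail. */
    if (initialUID != 0 && setuid(0) != -1) {
        fprintf(stderr, "privileges were not dropped\n");
        exit(-1);
    }

    /*
     * execv() returns only on failure. argv[1] is resolved inside the new
     * root, and ENOENT ("No such file or directory") is reported not only
     * when that file is missing but also when its ELF interpreter (the
     * dynamic loader) or a script's #! interpreter does not exist there.
     * A dynamically linked program therefore needs its loader and shared
     * libraries inside the chroot, or has to be linked statically; this is
     * the likely cause of the error seen "in most cases".
     */
    VALIDATE(execv(argv[1], &argv[1]), "execv");
    return 0;
}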
/************************************************** *****
* "chrexec" works if the "chroot" call is not performed, and if "." (the current dir) is "/".
* With chrexec I try to call another executable in the "." directory (and even list
* the files to show that this executable really exists in ".").
* That's my first experience of using chroot; can anyone show me my mistake?
************************************************** ******/