/*
msudo - Execute a command as another user.
Ing. Jaroslav Rohel, 2013
email: [email protected]
*/
#define CFG_FILE_NAME "/etc/msudo.conf"
//#define CFG_FILE_NAME "msudo.conf"
#include <pwd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <regex.h>
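/*
 * Join argv[first] .. argv[argc-1] with single spaces into dst.
 *
 * dst is always left NUL-terminated. Returns 0 on success and -1 when the
 * joined string (including its terminator) does not fit into dstSize bytes;
 * in that case dst holds the arguments that fitted so far.
 */
static int join_args(char *dst, size_t dstSize, int argc, char *argv[], int first)
{
    size_t used = 0;
    int i;

    dst[0] = '\0';
    for (i = first; i < argc; i++) {
        size_t len = strlen(argv[i]);
        size_t sep = (i > first) ? 1 : 0;

        /* Separator + argument + terminating NUL must fit in what is left. */
        if (len + sep >= dstSize - used)
            return -1;
        if (sep)
            dst[used++] = ' ';
        memcpy(dst + used, argv[i], len);
        used += len;
        dst[used] = '\0';
    }
    return 0;
}

/*
 * Return 1 when name equals one entry of the comma-separated list, else 0.
 * Entries are compared whole, so "al" does not match the entry "alice".
 * An empty name never matches (fail closed).
 */
static int user_in_list(const char *list, const char *name)
{
    size_t nameLen = strlen(name);
    const char *entry = list;

    if (nameLen == 0)
        return 0;
    while (*entry != '\0') {
        size_t entryLen = strcspn(entry, ",");

        if (entryLen == nameLen && strncmp(entry, name, nameLen) == 0)
            return 1;
        entry += entryLen;
        if (*entry == ',')
            entry++;
    }
    return 0;
}

/*
 * msudo entry point: run argv[1] with arguments argv[2..] as root if a rule in
 * CFG_FILE_NAME allows the calling (real) user to do so.
 *
 * Each rule is "users program [argument-pattern]": users is a comma-separated
 * list, program is compared with argv[1] by strcmp(), and the optional pattern
 * is a POSIX basic regular expression tested against the space-joined
 * arguments. A rule without a pattern only allows the program with no
 * arguments.
 *
 * Policy caveats for whoever writes the rules:
 *  - regexec() matches anywhere in the argument string; a pattern that is not
 *    anchored with ^ and $ also accepts argument lists that merely contain it.
 *  - Arguments are joined with spaces before matching, so an argument that
 *    itself contains spaces looks the same as several arguments.
 *  - The program string is handed to execve() unchanged; rules should name
 *    absolute paths, since a relative name resolves against the caller's
 *    working directory.
 *  - NOTE(review): ownership and mode of the config file are not verified
 *    here; it must be writable by root only.
 *
 * Always returns -1 (exit status 255); on success execve() does not return.
 */
int main(int argc, char *argv[])
{
    /*
     * The target runs with real and effective uid 0, so the dynamic loader no
     * longer treats it as a privileged transition and would honour whatever
     * environment it receives. Hand it a fixed environment instead of the
     * caller's.
     */
    static char *const cleanEnv[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    /* argv[0] may be missing when the caller builds an empty argv. */
    const char *selfName = (argc > 0 && argv[0] != NULL) ? argv[0] : "msudo";
    const char *wantPrgName;
    FILE *cfgFile;
    struct passwd *pw;
    char username[1024];
    char prgname[1024];
    char prgargspattern[1024];
    char wantArgs[10000];
    int params;
    int found = 0;
    int tooLong;

    /* The original test compared the pointer argv[1] with '\0'; the intent is
       to reject an empty program name. */
    if (argc < 2 || argv[1][0] == '\0') {
        fprintf(stdout, "msudo version 0.6 Jaroslav Rohel, 2013, [email protected]\n\n");
        fprintf(stdout, "Usage:\n");
        fprintf(stdout, "%s pathToPrgForExec_with_arguments\n\n", selfName);
        fprintf(stdout, "Example:\n");
        fprintf(stdout, "%s /usr/sbin/arping -i eth0 192.168.10.100\n\n", selfName);
        return -1;
    }
    wantPrgName = argv[1];

    /* Rules are matched against the real user, not the effective (root) one. */
    pw = getpwuid(getuid());
    if (pw == NULL) {
        fprintf(stderr, "Can't determine the name of the calling user.\n");
        return -1;
    }

    cfgFile = fopen(CFG_FILE_NAME, "r");
    if (cfgFile == NULL) {
        fprintf(stderr, "Can't open config file %s\n", CFG_FILE_NAME);
        return -1;
    }

    tooLong = join_args(wantArgs, sizeof wantArgs, argc, argv, 2) != 0;
    if (tooLong)
        fprintf(stderr, "Error: Too long arguments.\n");

    /* Field widths in the format keep every token inside its 1024-byte buffer. */
    while (!tooLong && (params = fscanf(cfgFile, "%1023s%*10000[ \t]%1023s%*10000[ \t]%1023[^\n\r]%*10000[ \t\n\r]", username, prgname, prgargspattern)) >= 2) {
        regex_t preg;
        int rc;

        if (!user_in_list(username, pw->pw_name) || strcmp(wantPrgName, prgname) != 0)
            continue;

        if (params == 2) {
            /* No pattern in the rule: only the bare program is allowed. */
            if (argc == 2) {
                found = 1;
                break;
            }
            continue;
        }

        rc = regcomp(&preg, prgargspattern, 0);
        if (rc) {
            /* A broken rule stops evaluation; nothing is allowed (fail closed). */
            fprintf(stderr, "regcomp() failed, returning nonzero (%d)\n", rc);
            break;
        }
        rc = regexec(&preg, wantArgs, 0, NULL, 0);
        regfree(&preg);
        if (!rc) {
            found = 1;
            break;
        }
    }
    /* Closed before exec so the descriptor does not reach the target. */
    fclose(cfgFile);

    if (!found) {
        fprintf(stdout, "User \"%s\" is not allowed to start program \"%s\" with arguments \"%s\"\n", pw->pw_name, wantPrgName, wantArgs);
        return -1;
    }

    /* Group first, then user, and never exec with half-applied credentials. */
    if (setregid(0, 0) != 0) {
        perror("setregid");
        return -1;
    }
    if (setreuid(0, 0) != 0) {
        perror("setreuid");
        return -1;
    }

    execve(wantPrgName, &argv[1], cleanEnv);
    /* Only reached when the exec itself failed. */
    perror("execve");
    return -1;
}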