«
»

execv-like system call

June 30th, 2009 by webstersprodigy

From the system man page, it explicitely says:

Do not use system() from a program with set-user-ID or set-group-ID privileges, because strange values for some environment variables might be used to subvert system integrity.

Good advice, but sometimes you need to get stuff done anyway. This is experimenting with pam and execv from a stupid google apps pam module I wrote

  PID = fork();
  if (PID == 0) {
    //child
    char* argvarray[4] = {progarg0, username, newpass, (char *) 0};
    execv(netprog, argvarray);
    if (debug == 1)
      printf("forking failure\n");
    report_error(1);
    return PAM_CRED_ERR;
  }
  else if (PID < 0) {
    if (debug == 1)
      printf("unexpected error\n");
    report_error(1);
    return PAM_CRED_ERR;
  }

  wait(&amp;execreturn);
  //make sure this does exit properly and isn't killed
  if (WIFEXITED(execreturn)) {
    rc = WEXITSTATUS(execreturn);
  }
  else {
    report_error(1);
    return PAM_CRED_ERR;
  }

The first 18 lines emulate a system call. The rest is used to get the return value, which you would also need to do with a system call. Basically, it has close to the same functionality as if it were:

  system("programcall");

  wait(&amp;execreturn);
  //make sure this does exit properly and isn't killed
  if (WIFEXITED(execreturn)) {
    rc = WEXITSTATUS(execreturn);
  }
  else {
    report_error(1);
    return PAM_CRED_ERR;
  }

Tags:

This entry was posted on Tuesday, June 30th, 2009 at 15:54 and is filed under Linux, Programming. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

No computers were harmed in the 0.172 seconds it took to produce this page.