execv-like system call

June 30, 2009 Leave a comment

From the system man page, it explicitely says:

Do not use system() from a program with set-user-ID or set-group-ID privileges, because strange values for some environment variables might be used to subvert system integrity.

Good advice, but sometimes you need to get stuff done anyway. This is experimenting with pam and execv from a stupid insecure google apps pam module I wrote


PID = fork();
if (PID == 0) {
  //child
  char* argvarray[4] = {progarg0, username, newpass, (char *) 0};
  execv(netprog, argvarray);
  if (debug == 1)
    printf("forking failure\n");
  report_error(1);
  return PAM_CRED_ERR;
}
else if (PID < 0) {
  if (debug == 1)
    printf("unexpected error\n");
  report_error(1);
  return PAM_CRED_ERR;
}
 
wait(&amp;execreturn);
//make sure this does exit properly and isn't killed
if (WIFEXITED(execreturn)) {
  rc = WEXITSTATUS(execreturn);
}
else {
  report_error(1);
  return PAM_CRED_ERR;
}

The first 18 lines emulate a system call. The rest is used to get the return value, which you would also need to do with a system call. Basically, it has close to the same functionality as if it were:

system("programcall");
 
wait(&amp;execreturn);
//make sure this does exit properly and isn't killed
if (WIFEXITED(execreturn)) {
  rc = WEXITSTATUS(execreturn);
}
else {
  report_error(1);
  return PAM_CRED_ERR;
}

Filed under Misc Tagged with

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: