posix setuid 不同的进程
我正在为 Android 开发一个应用程序,我需要将 Dalvik VM 提升为 root uid,因为在替代方案中,我需要编写许多由 Java 代码使用 sh 脚本启动的小应用程序(对于超级用户,他们需要成为 root),我真的不想这样做!
虽然我现在正在尝试使用 capsetp 将 CAP_SETUID 设置为调用进程,但我不知道这是否会得到所有 Android 内核的广泛支持,因此我正在寻找可能的替代方案。
我的后备解决方案是启动一个 root 进程,首先使用 seteuid 切换到正确的用户,使用应用程序 (execl) 启动 Dalvik VM,然后使用 JNI,切换回 root 用户...
还有其他选择吗?
编辑
我正在尝试此代码,但它无法应用新功能(capsetp)。
我已经在 Android 上部分编译了 libcap(缺少 cap_file 内容,但我不需要它),但此代码不适用于标准发行版(Ubuntu)。
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/types.h>
#ifndef __user
#define __user
#endif
#include <linux/capability.h>
#include <sys/capability.h>
int main(int argc, char** argv)
{
cap_t caps;
cap_value_t cap_list[1];
pid_t process_id = atoi(argv[1]);
caps = cap_get_pid(process_id);
if (caps == NULL)
{
perror("Failed to get capabilities");
exit(-1);
}
printf("%s\n", cap_to_text(caps, NULL));
cap_list[0] = CAP_SETUID;
if (cap_set_flag(caps, CAP_EFFECTIVE, 1, cap_list, CAP_SET) == -1)
{
perror("Failed to add new capability");
exit(-1);
}
if (capsetp(process_id, caps) == -1)
{
perror("Failed to apply capabilities");
exit(-1);
}
cap_free(&caps);
return 0;
}
I'm developing an application for Android and I need to elevate the Dalvik VM to root uid, because in the alternative I need to write a lot of small applications that are started by the Java code using sh scripts (with superuser, they needs to be root) and I really don't want to do that!
While I'm trying to use, right now, capsetp to set CAP_SETUID to the calling process, I don't know if this will be widely supported by all Android kernels so I'm looking for possible alternatives.
My fallback solution would be to start a root process that will first use seteuid to switch to the right user, start Dalvik VM with the application (execl) and, using JNI, switch back to the root user ...
Any alternative?
EDIT
I'm trying this code, but it fails to apply new capabilities (capsetp).
I've partially compiled libcap on Android (cap_file stuff is missing, but I don't need it), but this code doesn't work on a standard distro (Ubuntu).
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/types.h>
#ifndef __user
#define __user
#endif
#include <linux/capability.h>
#include <sys/capability.h>
int main(int argc, char** argv)
{
cap_t caps;
cap_value_t cap_list[1];
pid_t process_id = atoi(argv[1]);
caps = cap_get_pid(process_id);
if (caps == NULL)
{
perror("Failed to get capabilities");
exit(-1);
}
printf("%s\n", cap_to_text(caps, NULL));
cap_list[0] = CAP_SETUID;
if (cap_set_flag(caps, CAP_EFFECTIVE, 1, cap_list, CAP_SET) == -1)
{
perror("Failed to add new capability");
exit(-1);
}
if (capsetp(process_id, caps) == -1)
{
perror("Failed to apply capabilities");
exit(-1);
}
cap_free(&caps);
return 0;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我认为没有办法直接提升另一个进程的权限。执行此类操作的规范方法是
execsetuid-root 二进制文件,然后在重新exec程序之前确定是否授予您的程序权限。想想su或sudo。当然,像这样的 setuid-root 程序可以与原始 root 进程通信,以确定授予 root 权限是否安全。请记住,可能存在很多危险的极端情况。I don't think there's a way to elevate another process's privileges directly. The canonical way to do things like this is to
execa setuid-root binary which then determines whether to grant your program privileges before re-execing your program. Thinksuorsudo. Of course your setuid-root program like that could communicate with the original root process to determine if it's safe to grant root. Keep in mind that there could be lots of dangerous corner cases.