seteuid(0) 之后调用 popen 失败
我的 C 代码执行 a
seteuid (euid);
popen("/root/bin/iptables ....", "r");
并且即使我使用 seteuid(0) 调用它也会失败。 (可执行文件已启用 setuid)。
看来 seteuid 和 popen 不能一起工作。
当 popen 调用时,它会在 stderr 中打印以下消息。
iptables v1.4.6: can't initialize iptables table : Permission denied (you must be root)
换句话说,popen“成功”,但由于创建了新 shell,因此不会维护权限,并且用例失败。
我该如何解决这个问题?
My C code does a
seteuid (euid);
popen("/root/bin/iptables ....", "r");
and it fails even if I call with seteuid(0). (The executables has setuid on).
It seems that seteuid and popen do not work together.
When popen called it prints in stderr the following msg
iptables v1.4.6: can't initialize iptables table : Permission denied (you must be root)
In other words popen "succeeds", but because a new shell is created the permissions are not maintained and the use case fails.
How can I solve the problem?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您正在通过调用 popen 来调用 setuid 脚本。例如,许多 Linux 发行版都会检查 shell 调用,以防止脚本开始运行 setuid 或 seteuid。问题不在于popen,而在于/bin/sh,这是popen 使用的默认shell。在 Linux 中 /bin/sh 通常是 bash。
我相信它会调用 getresuid() 并检查保存的 uid,该 uid 必须是 root。
您可以通过向不执行这些检查的 shell 调用 exec 函数,或者用 C 语言编写所有代码(无 shell 调用)来解决此问题 - 这是安全检查的真正目的。
Your are invoking a setuid script by calling popen. Many distibutions of Linux, for example, have checks in shell invocation to prevent a script begin run setuid or seteuid. The problem is not popen, is is /bin/sh, which is the default shell popen uses. In Linux /bin/sh is normally bash.
I believe it calls getresuid() and checks the saved uid, which has to be root.
You can work around this by calling an exec function to a shell that does not perform these checks, or writing all of your code in C (no shell calls) - which is the real intent of the security check.