overby.me / darling-nix
this repo has no description
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Introduce fake UID/GID maintained by kernel

Lubos Dolezel 76e94706 e3a6e037

+78 -167
+7 -5
src/kernel/emulation/linux/stat/common.c
··· 1 - #include "../../../../../platform-include/sys/stat.h" 1 + #include <sys/stat.h> 2 2 #include "common.h" 3 + #include "../unistd/getuid.h" 4 + #include "../unistd/getgid.h" 3 5 4 6 void stat_linux_to_bsd(const struct linux_stat* lstat, struct stat* stat) 5 7 { ··· 7 9 stat->st_mode = lstat->st_mode; 8 10 stat->st_nlink = lstat->st_nlink; 9 11 stat->st_ino = lstat->st_ino; 10 - stat->st_uid = lstat->st_uid; 11 - stat->st_gid = lstat->st_gid; 12 + stat->st_uid = /*lstat->st_uid*/ sys_getuid(); 13 + stat->st_gid = /*lstat->st_gid*/ sys_getgid(); 12 14 stat->st_rdev = lstat->st_rdev; 13 15 stat->st_size = lstat->st_size; 14 16 stat->st_blksize = lstat->st_blksize; ··· 28 30 stat->st_mode = lstat->st_mode; 29 31 stat->st_nlink = lstat->st_nlink; 30 32 stat->st_ino = lstat->st_ino; 31 - stat->st_uid = lstat->st_uid; 32 - stat->st_gid = lstat->st_gid; 33 + stat->st_uid = /*lstat->st_uid*/ sys_getuid(); 34 + stat->st_gid = /*lstat->st_gid*/ sys_getgid(); 33 35 stat->st_rdev = lstat->st_rdev; 34 36 stat->st_size = lstat->st_size; 35 37 stat->st_blksize = lstat->st_blksize;
+3 -19
src/kernel/emulation/linux/unistd/getegid.c
··· 1 1 #include "getegid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 5 3 #include <stddef.h> 6 - #include <stdlib.h> 4 + #include "../mach/lkm.h" 5 + #include "../../../../lkm/api.h" 7 6 8 7 long sys_getegid(void) 9 8 { 10 - int ret; 11 - 12 - #ifndef VARIANT_DYLD // dyld cannot call getenv 13 - if (getenv("__FAKE_SETGID_ROOT") != NULL) 14 - return 0; 15 - #endif 16 - 17 - #ifdef __NR_getegid32 18 - ret = LINUX_SYSCALL0(__NR_getegid32); 19 - #else 20 - ret = LINUX_SYSCALL0(__NR_getegid); 21 - #endif 22 - if (ret < 0) 23 - ret = errno_linux_to_bsd(ret); 24 - 25 - return ret; 9 + return lkm_call(NR_getgid, NULL); 26 10 } 27 11
+3 -20
src/kernel/emulation/linux/unistd/geteuid.c
··· 1 1 #include "geteuid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 5 3 #include <stddef.h> 6 - 7 - extern char* getenv(const char* p); 4 + #include "../mach/lkm.h" 5 + #include "../../../../lkm/api.h" 8 6 9 7 long sys_geteuid(void) 10 8 { 11 - int ret; 12 - 13 - #ifndef VARIANT_DYLD 14 - if (getenv("__FAKE_SETUID_ROOT") != NULL) 15 - return 0; 16 - #endif 17 - 18 - #ifdef __NR_geteuid32 19 - ret = LINUX_SYSCALL0(__NR_geteuid32); 20 - #else 21 - ret = LINUX_SYSCALL0(__NR_geteuid); 22 - #endif 23 - if (ret < 0) 24 - ret = errno_linux_to_bsd(ret); 25 - 26 - return ret; 9 + return lkm_call(NR_getuid, NULL); 27 10 } 28 11
+3 -18
src/kernel/emulation/linux/unistd/getgid.c
··· 1 1 #include "getgid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 5 3 #include <stddef.h> 6 - #include <stdlib.h> 4 + #include "../mach/lkm.h" 5 + #include "../../../../lkm/api.h" 7 6 8 7 long sys_getgid(void) 9 8 { 10 - int ret; 11 - #ifndef VARIANT_DYLD // dyld cannot call getenv 12 - if (getenv("__FAKE_SETGID_ROOT") != NULL) 13 - return 0; 14 - #endif 15 - 16 - #ifdef __NR_getgid32 17 - ret = LINUX_SYSCALL0(__NR_getgid32); 18 - #else 19 - ret = LINUX_SYSCALL0(__NR_getgid); 20 - #endif 21 - if (ret < 0) 22 - ret = errno_linux_to_bsd(ret); 23 - 24 - return ret; 9 + return lkm_call(NR_getgid, NULL); 25 10 } 26 11
+3 -20
src/kernel/emulation/linux/unistd/getuid.c
··· 1 1 #include "getuid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 5 3 #include <stddef.h> 6 - 7 - extern char* getenv(const char* p); 4 + #include "../mach/lkm.h" 5 + #include "../../../../lkm/api.h" 8 6 9 7 long sys_getuid(void) 10 8 { 11 - int ret; 12 - 13 - #ifndef VARIANT_DYLD // dyld cannot call getenv 14 - if (getenv("__FAKE_SETUID_ROOT") != NULL) 15 - return 0; 16 - #endif 17 - 18 - #ifdef __NR_getuid32 19 - ret = LINUX_SYSCALL0(__NR_getuid32); 20 - #else 21 - ret = LINUX_SYSCALL0(__NR_getuid); 22 - #endif 23 - if (ret < 0) 24 - ret = errno_linux_to_bsd(ret); 25 - 26 - return ret; 9 + return lkm_call(NR_getuid, NULL); 27 10 } 28 11
+3 -9
src/kernel/emulation/linux/unistd/setegid.c
··· 1 1 #include "setegid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 3 + #include "../mach/lkm.h" 4 + #include "../../../../lkm/api.h" 5 5 6 6 long sys_setegid(int egid) 7 7 { 8 - int ret; 9 - 10 - ret = LINUX_SYSCALL3(__NR_setresgid, -1, egid, -1); 11 - if (ret < 0) 12 - ret = errno_linux_to_bsd(ret); 13 - 14 - return ret; 8 + return lkm_call(NR_setgid, (void*)(long)egid); 15 9 } 16 10
+3 -9
src/kernel/emulation/linux/unistd/seteuid.c
··· 1 1 #include "seteuid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 3 + #include "../mach/lkm.h" 4 + #include "../../../../lkm/api.h" 5 5 6 6 long sys_seteuid(int euid) 7 7 { 8 - int ret; 9 - 10 - ret = LINUX_SYSCALL3(__NR_setresuid, -1, euid, -1); 11 - if (ret < 0) 12 - ret = errno_linux_to_bsd(ret); 13 - 14 - return ret; 8 + return lkm_call(NR_setuid, (void*)(long)euid); 15 9 } 16 10
+3 -13
src/kernel/emulation/linux/unistd/setgid.c
··· 1 1 #include "setgid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 3 + #include "../mach/lkm.h" 4 + #include "../../../../lkm/api.h" 5 5 6 6 long sys_setgid(int gid) 7 7 { 8 - int ret; 9 - 10 - #ifdef __NR_setgid32 11 - ret = LINUX_SYSCALL1(__NR_setgid32, gid); 12 - #else 13 - ret = LINUX_SYSCALL1(__NR_setgid, gid); 14 - #endif 15 - if (ret < 0) 16 - ret = errno_linux_to_bsd(ret); 17 - 18 - return ret; 8 + return lkm_call(NR_setgid, (void*)(long)gid); 19 9 } 20 10
+3 -13
src/kernel/emulation/linux/unistd/setuid.c
··· 1 1 #include "setuid.h" 2 2 #include "../base.h" 3 - #include "../errno.h" 4 - #include <linux-syscalls/linux.h> 3 + #include "../mach/lkm.h" 4 + #include "../../../../lkm/api.h" 5 5 6 6 long sys_setuid(int uid) 7 7 { 8 - int ret; 9 - 10 - #ifdef __NR_setuid32 11 - ret = LINUX_SYSCALL1(__NR_setuid32, uid); 12 - #else 13 - ret = LINUX_SYSCALL1(__NR_setuid, uid); 14 - #endif 15 - if (ret < 0) 16 - ret = errno_linux_to_bsd(ret); 17 - 18 - return ret; 8 + return lkm_call(NR_setuid, (void*)(long)uid); 19 9 } 20 10
+15
src/shellspawn/shellspawn.c
··· 223 223 read_cmds = false; 224 224 break; 225 225 } 226 + case SHELLSPAWN_SETUIDGID: 227 + { 228 + int* ids = (int*) param; 229 + if (cmd.data_length < 2*sizeof(int)) 230 + { 231 + free(param); 232 + break; 233 + } 234 + 235 + setuid(ids[0]); 236 + setgid(ids[1]); 237 + free(param); 238 + 239 + break; 240 + } 226 241 } 227 242 } 228 243
+1
src/shellspawn/shellspawn.h
··· 34 34 SHELLSPAWN_CHDIR, 35 35 SHELLSPAWN_GO, // execute the shell now, must also contain file descriptors 36 36 SHELLSPAWN_SIGNAL, // pass a signal from client 37 + SHELLSPAWN_SETUIDGID, // set virtual uid and gid 37 38 }; 38 39 39 40 struct __attribute__((packed)) shellspawn_cmd
+3
src/startup/darling.c
··· 570 570 pushShellspawnCommand(sockfd, SHELLSPAWN_CHDIR, buffer2); 571 571 } 572 572 573 + int ids[2] = { g_originalUid, g_originalGid }; 574 + pushShellspawnCommandData(sockfd, SHELLSPAWN_SETUIDGID, ids, sizeof(ids)); 575 + 573 576 int fds[3], master = -1; 574 577 575 578 if (isatty(STDIN_FILENO))
+2 -4
src/tools/CMakeLists.txt
··· 15 15 ) 16 16 17 17 add_darling_executable(sw_vers sw_vers.c) 18 + add_darling_executable(sudo sudo.c) 18 19 19 - install(TARGETS sw_vers DESTINATION libexec/darling/usr/bin) 20 + install(TARGETS sw_vers sudo DESTINATION libexec/darling/usr/bin) 20 21 target_link_libraries(sw_vers system CoreFoundation) 21 22 22 - install(PROGRAMS sudo DESTINATION libexec/darling/usr/bin 23 - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ 24 - GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
-37
src/tools/sudo
··· 1 - #!/bin/sh 2 - # 3 - # This file is part of Darling. 4 - # 5 - # Copyright (C) 2015 Lubos Dolezel 6 - # 7 - # Darling is free software: you can redistribute it and/or modify 8 - # it under the terms of the GNU General Public License as published by 9 - # the Free Software Foundation, either version 3 of the License, or 10 - # (at your option) any later version. 11 - # 12 - # Darling is distributed in the hope that it will be useful, 13 - # but WITHOUT ANY WARRANTY; without even the implied warranty of 14 - # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 - # GNU General Public License for more details. 16 - # 17 - # You should have received a copy of the GNU General Public License 18 - # along with Darling. If not, see <http://www.gnu.org/licenses/>. 19 - # 20 - 21 - if [ $# -lt 1 ]; then 22 - >&2 echo "This is Darling fake sudo." 23 - >&2 echo "Processes will think they run as UID 0, but Linux kernel will still see your original UID." 24 - >&2 echo "The purpose is to convince some tools that they can write into /." 25 - 26 - exit 1 27 - fi 28 - 29 - export __FAKE_SETUID_ROOT=1 30 - export __FAKE_SETGID_ROOT=1 31 - export SUDO_COMMAND=1 32 - 33 - if [ $1 == "-k" ]; then 34 - shift 35 - fi 36 - 37 - exec "${@:1}"
+26
src/tools/sudo.c
··· 1 + #include <unistd.h> 2 + #include <stdio.h> 3 + 4 + int main(int argc, char** argv) 5 + { 6 + int firstarg = 1; 7 + 8 + if (argc <= 1) 9 + { 10 + fprintf(stderr, "This is Darling fake sudo.\n" 11 + "Processes will think they run as UID/GID 0, but Linux kernel will still see your original UID.\n" 12 + "The purpose is to convince some tools that they can write into / or enable you to talk to certain system daemons\n."); 13 + return 1; 14 + } 15 + 16 + setuid(0); 17 + setgid(0); 18 + 19 + if (strcmp(argv[1], "-k") == 0) 20 + firstarg++; 21 + 22 + execvp(argv[firstarg], &argv[firstarg]); 23 + perror("Cannot execute:"); 24 + return 1; 25 + } 26 +