| One caveat: this wrapper will break programs with symbolic links that perform
| different functions of the wrapped program (like sendmail, which has links
| for mailq and newaliases). This is because the wrapper resets argv[0] to the
| name of the wrapper program before executing the wrapped program.
You would need to install separate copies of the wrapper in place of these
symbolic links.
| I commented out the offending line in the wrapper and things work as they
| should now. What security implications are there to not resetting argv[0]?
Basically, argv[0] is currently completely unchecked. (No check was
necessary since I was replacing argv[0].)
To merely check/pass along argv[0], you also need to change the for loop
near the top of main(). Change as follows:
From:
for (i=1;i<argc && argv[i]!=0;i++)
To:
for (i=0;i<argc && argv[i]!=0;i++)
The long-term fix would be to have the wrapper extract the basename from
argv[0], and look it up in a list of allowed program names. If found,
reset argv[0] to just the basename and pass that to the wrapped program.
Otherwise, report it as an error/exploit attempt.
I could try to add that, if anyone's interested.
Regards,
--Joe
-- +--------------Joseph Zbiciak--------------+ |- - - - jzbiciak@daldd.sc.ti.com - - - - -| | - - http://ee1.bradley.edu/~im14u2c/ - - | Not your average "Joe." |- - - - Texas Instruments, Dallas - - - -| +-------#include <std_disclaimer.h>--------+