![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to setgid.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Research Unix] / researchv10no / cmd|
Return to setgid.c CVS log | Up to [Research Unix] / researchv10no / cmd |
1.1 root 1: #include <stdio.h>
2: #include <grp.h>
3: #include <pwd.h>
4: #include <sys/param.h>
5:
6: struct group *getgrnam(), *grp;
7: struct passwd *getpwuid(), *pwd;
8: char *getpass(), *crypt();
9:
10: main(argc,argv)
11: int argc;
12: char **argv;
13: {
14: register i;
15: if(argc < 2) {
16: printf("usage: setgid groupname [command]\n");
17: exit(1);
18: }
19: if((grp=getgrnam(argv[1])) == NULL) {
20: printf("%s: no such group\n", argv[1]);
21: exit(2);
22: }
23: if((pwd=getpwuid(getuid())) == NULL) {
24: printf("You do not exist!\n");
25: exit(3);
26: }
27: for(i=0;grp->gr_mem[i];i++)
28: if(strcmp(grp->gr_mem[i], pwd->pw_name) == 0)
29: break;
30: if(grp->gr_mem[i] == 0 && strcmp(grp->gr_name,"other")) {
31: printf("Sorry\n");
32: exit(4);
33: }
34:
35: if(grp->gr_passwd[0] != '\0' && pwd->pw_passwd[0] == '\0') {
36: if(strcmp(grp->gr_passwd, crypt(getpass("Password:"),grp->gr_passwd)) != 0) {
37: printf("Sorry\n");
38: exit(5);
39: }
40: }
41: if(setgid(grp->gr_gid) < 0) {
42: perror("setgid");
43: exit(6);
44: }
45: if(setuid(getuid()) < 0) {
46: perror("setuid");
47: exit(7);
48: }
49: for (i=NSYSFILE; i<NOFILE; i++)
50: close(i);
51: if(argc < 3) {
52: execl(((pwd && pwd->pw_shell[0])? pwd->pw_shell: "/bin/sh"), "sh", 0);
53: printf("No shell!\n");
54: } else {
55: execvp(argv[2], &argv[2]);
56: perror(argv[2]);
57: }
58: exit(8);
59: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.