Fetch the supplementary groups properly. Closes #1.

master
Tranquillity Codes 11 months ago
parent 1ed8218c9a
commit 0ecb55bc6d

@ -19,12 +19,13 @@ const c = @cImport({
@cInclude("unistd.h");
@cInclude("grp.h");
@cInclude("crypt.h");
@cInclude("string.h");
});
fn getGroups(alloc: mem.Allocator, passwd: c.passwd) ![]c.gid_t {
var ngr: c_int = 0;
_ = c.getgrouplist(passwd.pw_name, passwd.pw_gid, null, &ngr);
const groups = try alloc.alloc(c.gid_t, @intCast(usize, ngr));
const groups = try alloc.alloc(c.gid_t, @intCast(ngr));
_ = c.getgrouplist(passwd.pw_name, passwd.pw_gid, groups.ptr, &ngr);
return groups;
}
@ -32,16 +33,16 @@ fn getGroups(alloc: mem.Allocator, passwd: c.passwd) ![]c.gid_t {
pub fn main() !u8 {
const stderr = io.getStdErr().writer();
if (os.argv.len <= 1) {
try stderr.print("Not enough arguments\n", .{});
return 1;
try stderr.print("Not enough arguments\n", .{});
return 1;
}
const passwd = c.getpwuid(c.getuid()).*;
const shadowEntry = c.getspnam(passwd.pw_name);
if (shadowEntry == null) {
try stderr.print("Missing setuid on binary {s}\n", .{os.argv[0]});
return 1;
try stderr.print("Missing setuid on binary {s}\n", .{os.argv[0]});
return 1;
}
const shadow = shadowEntry.*;
@ -55,18 +56,20 @@ pub fn main() !u8 {
const gr = c.getgrgid(gr_id).*;
if (gr.gr_gid == wheel.gr_gid) {
const pass = mem.span(c.getpass("#: "));
if (cstr.cmp(shadow.sp_pwdp, c.crypt(pass, shadow.sp_pwdp)) == 0) {
if (c.strcmp(shadow.sp_pwdp, c.crypt(pass, shadow.sp_pwdp)) == 0) {
crypto.utils.secureZero(u8, pass);
_ = c.setuid(0);
_ = c.setgid(0);
const rootGroups = try getGroups(gpa, c.getpwuid(0).*);
_ = c.setgroups(rootGroups.len, rootGroups.ptr);
var argl = ArrayList([]const u8).init(gpa);
for (os.argv[1..]) |arg| {
try argl.append(mem.span(arg));
}
return process.execv(gpa, try argl.toOwnedSlice());
} else {
try stderr.print("Wrong Password\n", .{});
return 1;
try stderr.print("Wrong Password\n", .{});
return 1;
}
break;
}

Loading…
Cancel
Save