Sync from VDR4Arch (https://github.com/VDR4Arch/vdr4arch/commit/3bf8a4492e3b973a559fd2c53855b231e25c7e74)

author: Christopher Reimer 2015-06-08 11:10:31 +0200
committer: Christopher Reimer 2015-06-08 11:10:31 +0200
commit: f196911797c77794bd5037ec5f533b297e2e14f1 (patch)
tree: 8fdb7a11f712fba42f0d93777dd61487d06bb806 /shutdown-wrapper.c
download: aur-f196911797c77794bd5037ec5f533b297e2e14f1.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/shutdown-wrapper.c b/shutdown-wrapper.c
new file mode 100644
index 000000000000..6708fa2f418c
--- /dev/null
+++ b/shutdown-wrapper.c
@@ -0,0 +1,27 @@
+//
+// Simple shutdown-wrapper with focus on security
+//
+// Version:	1.0	Thu Jul  9 16:28:42 CEST 2009
+//
+// Author:	Manuel Reimer <manuel.reimer@gmx.de>
+//
+
+#define REAL_PATH "/usr/lib/vdr/bin/shutdown.sh"
+
+#include <unistd.h>
+
+int main(int argc, char *argv[]){
+  // We pass a secure environment to the called script.
+  char *const envParms[4] = {
+    "PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin",
+    "HOME=/root",
+    "TERM=linux",
+    NULL
+  };
+  // Drop whatever working directory the caller set for us and go HOME
+  chdir("/root");
+  // Get root and execute shutdown.sh
+  setuid(0);
+  execve(REAL_PATH, argv, envParms);
+  return 0;
+}
author	Christopher Reimer	2015-06-08 11:10:31 +0200
committer	Christopher Reimer	2015-06-08 11:10:31 +0200
commit	f196911797c77794bd5037ec5f533b297e2e14f1 (patch)
tree	8fdb7a11f712fba42f0d93777dd61487d06bb806 /shutdown-wrapper.c
download	aur-f196911797c77794bd5037ec5f533b297e2e14f1.tar.gz