diff options
Diffstat (limited to 'shutdown-wrapper.c')
-rw-r--r-- | shutdown-wrapper.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/shutdown-wrapper.c b/shutdown-wrapper.c new file mode 100644 index 000000000000..6708fa2f418c --- /dev/null +++ b/shutdown-wrapper.c @@ -0,0 +1,27 @@ +// +// Simple shutdown-wrapper with focus on security +// +// Version: 1.0 Thu Jul 9 16:28:42 CEST 2009 +// +// Author: Manuel Reimer <manuel.reimer@gmx.de> +// + +#define REAL_PATH "/usr/lib/vdr/bin/shutdown.sh" + +#include <unistd.h> + +int main(int argc, char *argv[]){ + // We pass a secure environment to the called script. + char *const envParms[4] = { + "PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin", + "HOME=/root", + "TERM=linux", + NULL + }; + // Drop whatever working directory the caller set for us and go HOME + chdir("/root"); + // Get root and execute shutdown.sh + setuid(0); + execve(REAL_PATH, argv, envParms); + return 0; +} |