summarylogtreecommitdiffstats
path: root/shutdown-wrapper.c
diff options
context:
space:
mode:
Diffstat (limited to 'shutdown-wrapper.c')
-rw-r--r--shutdown-wrapper.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/shutdown-wrapper.c b/shutdown-wrapper.c
new file mode 100644
index 000000000000..6708fa2f418c
--- /dev/null
+++ b/shutdown-wrapper.c
@@ -0,0 +1,27 @@
+//
+// Simple shutdown-wrapper with focus on security
+//
+// Version: 1.0 Thu Jul 9 16:28:42 CEST 2009
+//
+// Author: Manuel Reimer <manuel.reimer@gmx.de>
+//
+
+#define REAL_PATH "/usr/lib/vdr/bin/shutdown.sh"
+
+#include <unistd.h>
+
+int main(int argc, char *argv[]){
+ // We pass a secure environment to the called script.
+ char *const envParms[4] = {
+ "PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin",
+ "HOME=/root",
+ "TERM=linux",
+ NULL
+ };
+ // Drop whatever working directory the caller set for us and go HOME
+ chdir("/root");
+ // Get root and execute shutdown.sh
+ setuid(0);
+ execve(REAL_PATH, argv, envParms);
+ return 0;
+}