Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <iostream>
- #include <fstream>
- #include <sys/types.h>
- #include <unistd.h>
- #include <stdlib.h>
- #include <pwd.h>
- int main(int ac, char** av)
- {
- std::ofstream log;
- log.open("/tmp/chrooting-php.log", std::ios_base::app);
- std::clog.rdbuf(log.rdbuf());
- if (getuid() == 0) {
- std::clog << "[" << getpid() << "] User uid should not be 0." << std::endl;
- return 1;
- }
- if (geteuid() != 0) {
- std::clog << "[" << getpid() << "] User euid must be 0 (are you sure binary is setuid(0) ?)." << std::endl;
- return 2;
- }
- struct passwd *passwd = getpwuid (getuid());
- if (passwd == NULL) {
- std::clog << "[" << getpid() << "] Unable to find struct passwd for uid:" << getuid() << "." << std::endl;
- return 3;
- }
- //std::clog << "[" << getpid() << "] Chrooting to " << passwd->pw_dir << std::endl;
- if (chroot(passwd->pw_dir) == -1) {
- std::clog << "[" << getpid() << "] failure to chroot to " << passwd->pw_dir << std::endl;
- return 4;
- }
- std::clog << "[" << getpid() << "] Running as " << getuid() << " in " << passwd->pw_dir << "." << std::endl;
- execv("/bin/php-cgi", av);
- return 0;
- }
Add Comment
Please, Sign In to add comment