#include <iostream>#include <fstream>#include <sys/types.h>#include <unist

1. #include <iostream>
2. #include <fstream>
3. #include <sys/types.h>
4. #include <unistd.h>
5. #include <stdlib.h>
6. #include <pwd.h>
7.  
8. int main(int ac, char** av)
9. {
10.         std::ofstream   log;
11.         log.open("/tmp/chrooting-php.log", std::ios_base::app);
12.         std::clog.rdbuf(log.rdbuf());
13.  
14.         if (getuid() == 0) {
15.                 std::clog << "[" << getpid() << "] User uid should not be 0." << std::endl;
16.                 return 1;
17.         }
18.         if (geteuid() != 0) {
19.                 std::clog << "[" << getpid() << "] User euid must be 0 (are you sure binary is setuid(0) ?)." << std::endl;
20.                 return 2;
21.         }
22.  
23.         struct passwd *passwd = getpwuid (getuid());
24.         if (passwd == NULL) {
25.                 std::clog << "[" << getpid() << "] Unable to find struct passwd for uid:" << getuid() << "." << std::endl;
26.                 return 3;
27.         }
28.         //std::clog << "[" << getpid() << "] Chrooting to " << passwd->pw_dir << std::endl;
29.         if (chroot(passwd->pw_dir) == -1) {
30.                 std::clog << "[" << getpid() << "] failure to chroot to " << passwd->pw_dir << std::endl;
31.                 return 4;
32.         }
33.         std::clog << "[" << getpid() << "] Running as " << getuid() << " in " << passwd->pw_dir << "." << std::endl;
34.         execv("/bin/php-cgi", av);
35.         return 0;
36. }