[PATCH v2] setpriv: new applet

Assaf Gordon assafgordon at gmail.com
Sun May 14 12:46:49 UTC 2017


Add a minimal 'setpriv' implementation supporting the NO_NEW_PRIVS bit.
As upstream only supports long options (--nnp/--no-new-privs),
a non-standard "-N" option is also added for the applet.

Typical usage:

    $ busybox setpriv sudo uname
    Linux
    $ busybox setpriv --nnp sudo uname
    sudo: effective uid is not 0, is /usr/bin/sudo on a file system with
    the 'nosuid' option set or an NFS file system without root privileges?

Signed-off-by: Assaf Gordon <assafgordon at gmail.com>
---

Hello,
This patch is a minor fix for parameter handling (detecting when the
program parameter is missing).
Description for 'setpriv' here:
http://lists.busybox.net/pipermail/busybox/2017-May/085448.html

 util-linux/setpriv.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 90 insertions(+)
 create mode 100644 util-linux/setpriv.c

diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c
new file mode 100644
index 0000000..999c9b8
--- /dev/null
+++ b/util-linux/setpriv.c
@@ -0,0 +1,90 @@
+/* vi: set sw=4 ts=4: */
+/*
+ * setpriv implementation for busybox based on linux-utils-ng 2.29
+ *
+ * Copyright (C) 2017 by  <assafgordon at gmail.com>
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
+ *
+ */
+//config:config SETPRIV
+//config:	bool "setpriv"
+//config:	default y
+//config:	select PLATFORM_LINUX
+//config:	help
+//config:	  run a program with different Linux privilege settings
+//config:	  currently only --no-new-privs is supported
+//config:	  Requires kernel >= 3.5
+//config:
+//config:config FEATURE_SETPRIV_LONG_OPTS
+//config:	bool "Enable long options"
+//config:	default y
+//config:	depends on SETPRIV && LONG_OPTS
+//config:	help
+//config:	  Support long options for the setpriv applet. This makes
+//config:	  the busybox implementation more compatible with upstream.
+
+//applet:IF_SETPRIV(APPLET(setpriv, BB_DIR_BIN, BB_SUID_DROP))
+
+//kbuild:lib-$(CONFIG_SETPRIV) += setpriv.o
+
+//usage:#if ENABLE_FEATURE_SETPRIV_LONG_OPTS
+//usage:#define setpriv_trivial_usage
+//usage:	"[-N|--nnp|--no-new-privs] PROG [ARGS]"
+//usage:#define setpriv_full_usage "\n\n"
+//usage:       "run a program with different Linux privilege settings\n"
+//usage:     "\n-N,--nnp,--no-new-privs	 Set the no_new_privs bit\n"
+//usage:#define setpriv_example_usage
+//usage:       "$ setpriv --nnp my-program"
+//usage:#else
+//usage:#define setpriv_trivial_usage
+//usage:	"[-N] PROG [ARGS]"
+//usage:#define setpriv_full_usage "\n\n"
+//usage:       "run a program with different Linux privilege settings\n"
+//usage:     "\n-N	 Set the no_new_privs bit\n"
+//usage:#define setpriv_example_usage
+//usage:       "$ setpriv -N my-program"
+//usage:#endif
+
+#include <sys/syscall.h>
+#include <sys/prctl.h>
+#include <asm/unistd.h>
+#include "libbb.h"
+
+
+enum {
+	OPT_nnp	= 1 << 0
+};
+
+/*
+ * Upstream setpriv doesn't support the short option for --nnp/--no-new-privs.
+ * Invent new short-option 'N'
+ */
+static const char opt_str[] ALIGN1 = "N";
+
+#if ENABLE_FEATURE_SETPRIV_LONG_OPTS
+static const char setpriv_longopts[] ALIGN1 =
+	"nnp\0"				No_argument	"N"
+	"no-new-privs\0"	No_argument	"N"
+;
+#endif
+
+int setpriv_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int setpriv_main(int argc UNUSED_PARAM, char **argv)
+{
+	unsigned int opts;
+
+	IF_FEATURE_SETPRIV_LONG_OPTS(applet_long_options = setpriv_longopts);
+	opts = getopt32(argv, opt_str);
+	argv += optind;
+
+	/* after getopt32, argv[0] is the name of the program to execute */
+	if (!argv[0])
+		bb_show_usage();
+
+	if (opts & OPT_nnp)
+		if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
+			bb_simple_perror_msg_and_die("prctl(): failed to NO_NEW_PRIVS");
+
+	BB_EXECVP_or_die(argv);
+}
-- 
2.1.4


