/* * This was written by Andrew G. Morgan <morgan@kernel.org> * * This is a program that is intended to exec a subsequent program. * The purpose of this 'execcap' wrapper is to limit the inheritable * capabilities of the exec()'d program. All environment variables * are inherited. */ #include <sys/types.h> #include <errno.h> #include <stdio.h> #include <sys/capability.h> #include <unistd.h> #include <string.h> #include <stdlib.h> static void usage(void) { fprintf(stderr, "usage: execcap <caps> <command-path> [command-args...]\n\n" " This program is a wrapper that can be used to limit the Inheritable\n" " capabilities of a program to be executed. Note, this wrapper is\n" " intended to assist in overcoming a lack of support for filesystem\n" " capability attributes and should be used to launch other files.\n" " This program should _NOT_ be made setuid-0.\n\n" "[Copyright (c) 1998 Andrew G. Morgan <morgan@kernel.org>]\n"); exit(1); } int main(int argc, char **argv) { cap_t new_caps; /* this program should not be made setuid-0 */ if (getuid() && !geteuid()) { usage(); } /* check that we have at least 2 arguments */ if (argc < 3) { usage(); } /* parse the first argument to obtain a set of capabilities */ new_caps = cap_from_text(argv[1]); if (new_caps == NULL) { fprintf(stderr, "requested capabilities were not recognized\n"); usage(); } /* set these capabilities for the current process */ if (cap_set_proc(new_caps) != 0) { fprintf(stderr, "unable to set capabilities: %s\n", strerror(errno)); usage(); } /* exec the program indicated by args 2 ... */ execvp(argv[2], argv+2); /* if we fall through to here, our exec failed -- announce the fact */ fprintf(stderr, "Unable to execute command: %s\n", strerror(errno)); usage(); return 0; }