/**
@file rssu.c
@author Mitch Richling <http://www.mitchr.me/>
@Copyright Copyright 1993 by Mitch Richling. All rights reserved.
@brief Sudo replacement@EOL
@Keywords UNIX sudo suid
@Std ISOC UNIX98 SYSV BSD4.3
Compile: cc rssu.c -o rssu; chown 0.0 rssu; chmod a+rxs rssu
This handy little program is an abomination of all
that is holy in UNIX security. It checks the UID
of the user and if it is OK, runs a root shell for
the user. This requires no password. This program
is generally a very bad idea.
@Tested
- Solaris 2.8
- MacOS X.2
- Linux (RH 7.3)
*/
#include <unistd.h> /* UNIX std stf POSIX */
#include <syslog.h> /* UNIX syslog UNIX */
#include <pwd.h> /* UNIX passwd POSIX */
#include <stdlib.h> /* Standard Lib ISOC */
#include <stdio.h> /* I/O lib ISOC */
#define VALID_UID 501
#define ROOT_UID 0
#define ROOT_GID 0
#define COMMAND_STR "/bin/bash"
#define COMMAND_STR_DESC "ls"
int main(int argc, char *argv[]);
int main(int argc, char *argv[]) {
char strBuf[1024];
if((geteuid() != ROOT_UID) || (getegid() != ROOT_GID) || (getuid() != VALID_UID)) {
sprintf(strBuf, "rssu: Failure by uid=%ld", (long)getuid());
syslog(LOG_NOTICE | LOG_AUTH, strBuf);
return 1;
} else {
sprintf(strBuf, "rssu: Success by uid=%ld", (long)getuid());
syslog(LOG_NOTICE | LOG_AUTH, strBuf);
setuid(ROOT_UID);
setgid(ROOT_GID);
setreuid(ROOT_UID, ROOT_UID);
execlp(COMMAND_STR, COMMAND_STR_DESC, (char *)0);
return 0;
} /* end if/else */
} /* end func main */
Generated by GNU Enscript 1.6.5.2.