Re: Generic wrapper

[jzbiciak () DALDD SC TI COM (Joe Zbiciak)]

'Jonathan Rozes' said previously:

| One caveat: this wrapper will break programs with symbolic links that perform
| different functions of the wrapped program (like sendmail, which has links
| for mailq and newaliases). This is because the wrapper resets argv[0] to the
| name of the wrapper program before executing the wrapped program.

You would need to install separate copies of the wrapper in place of these
symbolic links.

| I commented out the offending line in the wrapper and things work as they
| should now. What security implications are there to not resetting argv[0]?

Basically, argv[0] is currently completely unchecked.  (No check was
necessary since I was replacing argv[0].)

To merely check/pass along argv[0], you also need to change the for loop
near the top of main().  Change as follows:

From:
    for (i=1;i<argc && argv[i]!=0;i++)

To:
    for (i=0;i<argc && argv[i]!=0;i++)


The long-term fix would be to have the wrapper extract the basename from
argv[0], and look it up in a list of allowed program names.  If found,
reset argv[0] to just the basename and pass that to the wrapped program.
Otherwise, report it as an error/exploit attempt.

I could try to add that, if anyone's interested.

Regards,

--Joe

--
 +--------------Joseph Zbiciak--------------+
 |- - - - jzbiciak () daldd sc ti com - - - - -|
 | - - http://ee1.bradley.edu/~im14u2c/ - - |      Not your average "Joe."
 |- - - - Texas Instruments,  Dallas - - - -|
 +-------#include <std_disclaimer.h>--------+