Security fix: sendhup could be exploited
This commit is contained in:
parent
19a3a7f64b
commit
7980f6171c
1 changed files with 21 additions and 4 deletions
25
sendhup.cpp
25
sendhup.cpp
|
|
@ -2,12 +2,29 @@
|
|||
#include <sstream>
|
||||
#include <stdlib.h>
|
||||
|
||||
using namespace std;
|
||||
|
||||
void usage(const string& argv0)
|
||||
{
|
||||
cout << "Usage: " << argv0 << " (freeradius|dnsmasq)" << endl;
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
if (argc < 2)
|
||||
if (argc < 2) {
|
||||
usage(argv[0]);
|
||||
return 0;
|
||||
std::ostringstream s;
|
||||
s << "pkill -HUP " << argv[1];
|
||||
//system("/etc/init.d/freeradius reload");
|
||||
}
|
||||
|
||||
string argv1 { argv[1] };
|
||||
|
||||
// We're setuid, prevent people from abusing this
|
||||
if (argv1 != "freeradius" && argv1 != "dnsmasq") {
|
||||
usage(argv[0]);
|
||||
return 1;
|
||||
}
|
||||
|
||||
ostringstream s;
|
||||
s << "pkill -HUP " << argv1;
|
||||
system(s.str().c_str());
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue