Security fix: sendhup could be exploited

This commit is contained in:
Andy Teijelo Pérez 2016-09-30 09:04:38 -04:00
parent 19a3a7f64b
commit 7980f6171c

View file

@ -2,12 +2,29 @@
#include <sstream> #include <sstream>
#include <stdlib.h> #include <stdlib.h>
using namespace std;
void usage(const string& argv0)
{
cout << "Usage: " << argv0 << " (freeradius|dnsmasq)" << endl;
}
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
if (argc < 2) if (argc < 2) {
usage(argv[0]);
return 0; return 0;
std::ostringstream s; }
s << "pkill -HUP " << argv[1];
//system("/etc/init.d/freeradius reload"); string argv1 { argv[1] };
// We're setuid, prevent people from abusing this
if (argv1 != "freeradius" && argv1 != "dnsmasq") {
usage(argv[0]);
return 1;
}
ostringstream s;
s << "pkill -HUP " << argv1;
system(s.str().c_str()); system(s.str().c_str());
} }