examples/ld_nfs.c: feature: faking uid and gid
add the possiblity of faking the uid and the gid in the nfs context. uid and gid value are read from env variables LD_NFS_UID and LD_NFS_GID. This can be useful on "insecure" enabled NFS share to make the server trust you as a root. Few lines added to the README to document the feature.libnfs-4.0.0-vitalif
parent
a3b793342b
commit
53e3c86c58
5
README
5
README
|
@ -151,6 +151,11 @@ LD_NFS_DEBUG=9 LD_PRELOAD=./ld_nfs.so cat nfs://127.0.0.1/data/tmp/foo123
|
|||
|
||||
LD_NFS_DEBUG=9 LD_PRELOAD=./ld_nfs.so cp nfs://127.0.0.1/data/tmp/foo123 nfs://127.0.0.1/data/tmp/foo123.copy
|
||||
|
||||
LD_NFS_UID and LD_NFS_GID can be used to fake the uid andthe gid in the nfs context.
|
||||
This can be useful on "insecure" enabled NFS share to make the server trust you as a root.
|
||||
You can try to run as a normal user things like :
|
||||
LD_NFS_DEBUG=9 LD_NFS_UID=0 LD_NFS_GID=0 LD_PRELOAD=./ld_nfs.so chown root:root nfs://127.0.0.1/data/tmp/foo123
|
||||
|
||||
This is just a toy preload module. Don't open bugs if it does not work. Send
|
||||
patches to make it better instead.
|
||||
|
||||
|
|
|
@ -34,6 +34,8 @@
|
|||
#define NFS_MAX_FD 255
|
||||
|
||||
static int debug = 0;
|
||||
static int nfsuid = -1;
|
||||
static int nfsgid = -1;
|
||||
|
||||
#ifndef discard_const
|
||||
#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
|
||||
|
@ -79,6 +81,11 @@ int open(const char *path, int flags, mode_t mode)
|
|||
return -1;
|
||||
}
|
||||
|
||||
if (nfsuid >= 0)
|
||||
nfs_set_uid(nfs, nfsuid);
|
||||
if (nfsgid >= 0)
|
||||
nfs_set_gid(nfs, nfsgid);
|
||||
|
||||
url = nfs_parse_url_full(nfs, path);
|
||||
if (url == NULL) {
|
||||
LD_NFS_DPRINTF(1, "Failed to parse URL: %s\n",
|
||||
|
@ -675,6 +682,14 @@ static void __attribute__((constructor)) _init(void)
|
|||
debug = atoi(getenv("LD_NFS_DEBUG"));
|
||||
}
|
||||
|
||||
if (getenv("LD_NFS_UID") != NULL) {
|
||||
nfsuid = atoi(getenv("LD_NFS_UID"));
|
||||
}
|
||||
|
||||
if (getenv("LD_NFS_GID") != NULL) {
|
||||
nfsgid = atoi(getenv("LD_NFS_GID"));
|
||||
}
|
||||
|
||||
real_open = dlsym(RTLD_NEXT, "open");
|
||||
if (real_open == NULL) {
|
||||
LD_NFS_DPRINTF(0, "Failed to dlsym(open)");
|
||||
|
|
Loading…
Reference in New Issue