From 53e3c86c58e460b5ebbb6d66c97371a8238685d1 Mon Sep 17 00:00:00 2001 From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com> Date: Sun, 26 Nov 2017 16:24:03 +0100 Subject: [PATCH] examples/ld_nfs.c: feature: faking uid and gid add the possiblity of faking the uid and the gid in the nfs context. uid and gid value are read from env variables LD_NFS_UID and LD_NFS_GID. This can be useful on "insecure" enabled NFS share to make the server trust you as a root. Few lines added to the README to document the feature. --- README | 5 +++++ examples/ld_nfs.c | 15 +++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/README b/README index e38890d..cbf1d3d 100644 --- a/README +++ b/README @@ -151,6 +151,11 @@ LD_NFS_DEBUG=9 LD_PRELOAD=./ld_nfs.so cat nfs://127.0.0.1/data/tmp/foo123 LD_NFS_DEBUG=9 LD_PRELOAD=./ld_nfs.so cp nfs://127.0.0.1/data/tmp/foo123 nfs://127.0.0.1/data/tmp/foo123.copy +LD_NFS_UID and LD_NFS_GID can be used to fake the uid andthe gid in the nfs context. +This can be useful on "insecure" enabled NFS share to make the server trust you as a root. +You can try to run as a normal user things like : +LD_NFS_DEBUG=9 LD_NFS_UID=0 LD_NFS_GID=0 LD_PRELOAD=./ld_nfs.so chown root:root nfs://127.0.0.1/data/tmp/foo123 + This is just a toy preload module. Don't open bugs if it does not work. Send patches to make it better instead. diff --git a/examples/ld_nfs.c b/examples/ld_nfs.c index 05e0f40..5003342 100644 --- a/examples/ld_nfs.c +++ b/examples/ld_nfs.c @@ -34,6 +34,8 @@ #define NFS_MAX_FD 255 static int debug = 0; +static int nfsuid = -1; +static int nfsgid = -1; #ifndef discard_const #define discard_const(ptr) ((void *)((intptr_t)(ptr))) @@ -79,6 +81,11 @@ int open(const char *path, int flags, mode_t mode) return -1; } + if (nfsuid >= 0) + nfs_set_uid(nfs, nfsuid); + if (nfsgid >= 0) + nfs_set_gid(nfs, nfsgid); + url = nfs_parse_url_full(nfs, path); if (url == NULL) { LD_NFS_DPRINTF(1, "Failed to parse URL: %s\n", @@ -675,6 +682,14 @@ static void __attribute__((constructor)) _init(void) debug = atoi(getenv("LD_NFS_DEBUG")); } + if (getenv("LD_NFS_UID") != NULL) { + nfsuid = atoi(getenv("LD_NFS_UID")); + } + + if (getenv("LD_NFS_GID") != NULL) { + nfsgid = atoi(getenv("LD_NFS_GID")); + } + real_open = dlsym(RTLD_NEXT, "open"); if (real_open == NULL) { LD_NFS_DPRINTF(0, "Failed to dlsym(open)");