File: zenmap_auth.c

package info (click to toggle)
nmap 6.47-3%2Bdeb8u2
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 44,788 kB
  • ctags: 25,108
  • sloc: ansic: 89,741; cpp: 62,412; sh: 19,492; python: 17,323; xml: 11,413; perl: 2,529; makefile: 2,503; yacc: 608; lex: 469; asm: 372; java: 45
file content (73 lines) | stat: -rw-r--r-- 2,301 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
/*
	This program attempts to run the program EXECUTABLE_NAME in the same
	directory as itself using AuthorizationExecuteWithPrivileges. If the
	authorization fails or is canceled, EXECUTABLE_NAME is run without
	privileges using a plain exec.

	This program is the first link in the chain
		zenmap_auth -> zenmap_wrapper.py -> zenmap.bin
*/

#include <errno.h>
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>

#define EXECUTABLE_NAME "zenmap_wrapper.py"

int main(int argc, char *argv[]) {
	AuthorizationItem items[] = {
		{ kAuthorizationRightExecute, 0, NULL, 0 }
	};
	AuthorizationRights rights = { 1, items };
	AuthorizationRef ref;
	AuthorizationFlags flags;
	OSStatus status;
	char executable_path[1024];
	const char *cwd;
	size_t len_cwd;
	int return_code;

	cwd = dirname(argv[0]);
	len_cwd = strlen(cwd);
	if (sizeof(executable_path) < len_cwd + strlen("/") + strlen(EXECUTABLE_NAME) + 1) {
		fprintf(stderr, "Not enough room to store executable path: %s\n", strerror(errno));
		exit(1);
	}
	strcpy(executable_path, cwd);
	executable_path[len_cwd] = '/';
	strcpy(executable_path + len_cwd + 1, EXECUTABLE_NAME);

	flags = kAuthorizationFlagDefaults
		| kAuthorizationFlagInteractionAllowed
		| kAuthorizationFlagPreAuthorize
		| kAuthorizationFlagExtendRights;
	status = AuthorizationCreate(&rights, kAuthorizationEmptyEnvironment, flags, &ref);
	if (status != errAuthorizationSuccess) {
		if (status != errAuthorizationCanceled)
			fprintf(stderr, "Couldn't create authorization reference (status code %ld).\n", status);
		errno = 0;
		execv(executable_path, argv);
		fprintf(stderr, "Couldn't exec '%s': %s.\n", executable_path, strerror(errno));
		exit(1);
	}

	status = AuthorizationExecuteWithPrivileges(ref, executable_path,
		kAuthorizationFlagDefaults, argv + 1, NULL);
	AuthorizationFree(ref, kAuthorizationFlagDefaults);
	if (status != errAuthorizationSuccess) {
		fprintf(stderr, "Couldn't execute '%s' with privileges (status code %ld).\n", executable_path, status);
		errno = 0;
		execv(executable_path, argv);
		fprintf(stderr, "Couldn't exec '%s': %s.\n", executable_path, strerror(errno));
		exit(1);
	}

	wait(&return_code);
	exit(return_code);
}