I need to programmely switch the current user to another,then the followed code should be executed in the environment(such as path,authority..) of another user.
I've find the 'chroot()','setuid()' may be associated with my case, but these functions need the root authority, I don't have root authority, but I have the password of the second user. what should I do?
I have tried shell "su - " can switch current user, can this command help me in my C++ code?
Don't laugh at me if my question is very stupid, I'm a true freshman on linux. :)
Thanks!
when clients connect to the server,
the server transfer the data what they
need,but the precondition is the
correct username and password.
If your primary requirement is to authenticate, then try man pam. There are also some libraries allowing to auth over LDAP. Unfortunately I have no personal experience implementing neither.
Otherwise, recreating complete user environment is unreliable and error prone. Imaging a typo or endless loop but in user's ~/.profile.
I haven't done that for some time, but I would also have tried to dig in direction of "su", figuring out user shell (from /etc/passwd) and trying to exec() it as if it was a login shell (with "-"). But after that you would need somehow to communicate a command for execution to it and that's a problem: shells run differently in batch more and in interactive mode. As a possible hack, expect (man expect) comes to mind, but it is still IMO too unreliable.
I have in past used ssh under expect (to input the password), but it was breaking on customized user profiles every other time. With expect, to send a command, one has to recognize somehow that shell has finished initialization (execution of profile and rc files). But since many people customize the shell prompt and their profile/rc files print extra info, it was quite often that expect was recognizing shell prompt too soon.
BTW, depending on number of users, one can try a setup where users manually start the server under their own account. The server would have access only to the information which is only accessible to the user.
You can use the system function to execute shell commands on the operating system.
You could take a look at the source code of the login command, or you could try using the exec()-family functions to call on login.
EDIT: Seems like you will need root access in any case.
Is setuid what you're looking for?
I think the key point here is that you can't change the user of the running process (easily). All the programs like 'su' are effectively starting a new process as the specified user.
Therefore, in your design I would recommend seperating off the functionality that needs to be done into a different executable and then investigate using execve() to start it.
Related
I am using paramiko library to connect with a specialized environment. Its based on linux but when we SSH in it provide its own shell. We can write help to get list of all commands that are supported in that session.
I am using paramiko with python2.7 to provide a CLI client (it automates few things) that connect with the host and let us run the supported commands. Now I would like to provide tab-completion in the client CLI. I am not sure how this can be done. I am thinking there would be some support or some specialize character that can be send to get back response but I am not sure how it can be accomplished.
I am hoping to avoid sending help command, parse the list of commands supported, and then provide a local tab-completion based on list of command. I want a more generic and dynamic solution.
Any or all ideas are welcome.
You can try simulating the partial input and the Tab key press and parsing the results, undoing the simulated input afterwards. But that is not a good idea. You will have to end up re-implementing terminal emulation, what is an insane task. Without a full terminal implementation, you can never be sure that you never get an output that you won't be able to parse.
The shell is a black box with input and output. It should only be used as such. You should never try to "understand" its output.
Using the help command is a way more reliable solution.
My question is similar to this question, but i didn't get my answer.
I am trying to design a judge.
The users of the online judge system submit their source code, then
the server program compiles and runs it. So the server program must
keep the server safe.
And there are a lot of things a user can use to make changes to the server.
How can i change the permission of a program? So that compiled code won't be able to do anything except printing something!
P.S: searching for suspicioius words is not a good idea. For instance, The user can use the following command instead of word system in C++:
#define glue(a,b) a ## b
glue(sys,tem) ("rm *"); //DO NOT RUN THIS CODE
So actually user used the following code without using the word system:
system ("rm *"); //DO NOT RUN THIS CODE
The are two options for you: the one you are currently looking into - trying to make your compiler, aka the server process that runs the user provided source code detect "exploits". And that might be hard. If you allow users to send you c++ source code, there is a lot of things that become possible. I guess you would need some real c++ gurus in order to get that solution even "half way secure".
So, option two: you have to run that user-provided input within some sort of sandbox. Examples could be:
A docker container (but for sure: a non-privileged container; run by a user, not root)
A virtual machine
If you are serious about what you are doing, you would probably focus on option 2 first (because that gives you a lot of benefit, at medium cost); but you definitely want to look into option 1, too (because one could learn from that a lot).
You can run them in a chroot jail, with user id set to nobody or some nonce account if nobody actually can do something significant. (You can use su or sudo for this.) Or even in their own VM. Pipe the output into a file, and read it from your judge program.
I recently switched to Mutt. Being able to backing up emails sounds cool. I use rsync to do so but I have a big headache. I use Maildir format. Each time Mutt opens an email, it changes the file name of the email, e.g. it likes to add one ",S" to the end. Then weeks later when I back up my mails, rsync is driven crazy. I guess Mutt does so because of some concurrency issues but as a personal user I do not have to worry about this. I hope to tell Mutt to keep the names of email files permanently unchanged. Question: how?
the ,S ismaildir flag for seen ("mark as read"). that's the way maildirs work, i can't tell whether you can run mutt in read-only mode as far as that is concerned.
usually, when working with maildirs, it's a better idea to use a maildir-awaresynchronization like mbsync. it will know of those flags and synchronize more efficiently because it can rely on all involved utilities to be aware of the ways to handle maildirs (that is, don't change files in-place, how to set flags etc).
I know there are many other ways to do this but I want to know how to fill in the password question of the windows the run as command automatically.
system("runas /user:\"benedikt\" \"xy.exe\"");
is there any way to do this? I googled a long time but i only found a lot of tools doing wat I want to do and not a way to do this for myself.
PS: I do not want to use any .Net functions.
OK, I'm going out on a limb here, because I'm not 100% sure that there isn't some (convoluted) way to achieve what you are looking for using stock runas. However, Why doesn't the RunAs program accept a password on the command line?, suggests there isn't - deliberately so to prevent "security issues" with plain-text passwords in command lines, batch files and tools that can view a command line (like Process Explorer).
BTW, a simple echo <password> | runas /user:<user> <command> doesn't seem to work either (it skips over the prompt for the password, but the password itself is not read by runas it seems).
So I guess you have to resort to some other means, like using the real API behind it all: CreateProcessWithLogin.
Inside a service, what is the best way to determine a special folder path (e.g., "My Documents") for a specific user? SHGetFolderPath allows you to pass in a token, so I am assuming there is some way to impersonate the user whose folder you are interested in.
Is there a way to do this based just on a username? If not, what is the minimum amount of information you need for the user account? I would rather not have to require the user's password.
(Here is a related question.)
Please, do not go into the registry to find this information. That location might change in future versions of Windows. Use SHGetFolderPath instead.
http://msdn.microsoft.com/en-us/library/bb762181(VS.85).aspx
Edit: It looks like LogonUser will provide the token for the other user that you need.
You might try calling ImpersonateLoggedOnUser() to modify a user token for another user, and then passing that to SHGetFolderPath(). Based on the doc for ImpersonateLoggedOnUser(), it looks like you can call LogonUser() to get a token for a specific user.
Just from reading around, I'd guess that the user in question must be logged on in some form in order for this to work. I recall one page stating that the user's registry hive must be mounted in order for this to work (which makes some sense I suppose).
I would mount the user's registry hive and look for the path value. Yes, it's a sub-optimal solution, for all the reasons mentioned (poor forwards compatibility, etc.). However, like many other things in Windows, MS didn't provide an API way to do what you want to do, so it's the best option available.
You can get the SID (not GUID) of the user by using LookupAccountName. You can load the user's registry hive using LoadUserProfile, but unfortunately this also requires a user token, which is going to require their password. Fortunately, you can manually load the hive using RegLoadKey into an arbitrary location, read the data, and unload it (I think).
Yes, it's a pain, and yes, it's probably going to break in future versions of Windows. Perhaps by that time MS will have provided an API to do it, back-ported it into older versions of Windows, and distributed it automatically through Windows update... but I wouldn't hold my breath.
P.S. This information intended to augment the information provided in your related question, including disclaimers.
This information is stored in the registry in the key "HKEY_USERS\S-1-5-21-616815238-485949776-2992451252-3228\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders".
The "S-1-5-21-616815238-485949776-2992451252-3218" is the GUID of the user. You need to get this GUID to find the corresponding key and read it.
In this example they use SHGetFolderPath function you mention and there is a list with all special folders which might be helpful.
NOTE: Microsoft discourages to use the registry key, since it is still there just for backward compatibility