Hi,

On 2/8/21 0:44, aitor wrote:
> Better said, the suid binary can check whether or not the gui has
> handled the signal as expected because
> the default behavior of SIGUSR1 (User defined signal 1) is to
> terminate the process. See the table at the
> end of the link:
>
> https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals
> <https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals>
>
> I.e., when such a intruder is acting the
> PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"
> no longer exists.

Here you are the code:

https://www.gnuinos.org/suid/ <https://www.gnuinos.org/suid/>


** HOWTO: **

1) Install Jude Nelson's libpstat:

$ git clone https://github.com/jcnelson/libpstat.git
$ cd libpstat
$ make OS=LINUX
$ sudo make install PREFIX=/ INCLUDE_PREFIX=/usr


2) Open an empty directory and download the files:

$ wget https://www.gnuinos.org/suid/Makefile
$ wget https://www.gnuinos.org/suid/gui.c
$ wget https://www.gnuinos.org/suid/suid.c
$ wget https://www.gnuinos.org/suid/intruder.c


3) Install libgtk-3-dev:

$ sudo apt-get install libgtk-3-dev


4) Build the files:

$ make


5) Run the GUI in the command line and click on the button several times:

$ ./gui

You'll get:

From GUI: Received a 10 (SIGUSR1) signal sent from the suid
From SUID: Ok, go on!


6) Open a new tab in the command line and run the intruder (the GUI
remains running):

$ ./intruder

You'll get:

Foreign PID to use: 4301
From SUID: Stop, you're an intruder!

If you have a look at the code of both programs, they're trying to do
the same (using the intruder a foreign pid).
Keep in mind that, for our testing purposes, all the binaries must be
located in the same directory, since
we're using:

key_t key = ftok(".", 's');

to access the same shared memory segment.

Cheers,

Aitor.