Hi,
On 2/8/21 0:44, aitor wrote:
> Better said, the suid binary can check whether or not the gui has
> handled the signal as expected because
> the default behavior of SIGUSR1 (User defined signal 1) is to
> terminate the process. See the table at the
> end of the link:
>
> https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals
> <https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals>
>
> I.e., when such a intruder is acting the
> PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"
> no longer exists.
Here you are the code:
https://www.gnuinos.org/suid/ <
https://www.gnuinos.org/suid/>
** HOWTO: **
1) Install Jude Nelson's libpstat:
$ git clone
https://github.com/jcnelson/libpstat.git
$ cd libpstat
$ make OS=LINUX
$ sudo make install PREFIX=/ INCLUDE_PREFIX=/usr
2) Open an empty directory and download the files:
$ wget
https://www.gnuinos.org/suid/Makefile
$ wget
https://www.gnuinos.org/suid/gui.c
$ wget
https://www.gnuinos.org/suid/suid.c
$ wget
https://www.gnuinos.org/suid/intruder.c
3) Install libgtk-3-dev:
$ sudo apt-get install libgtk-3-dev
4) Build the files:
$ make
5) Run the GUI in the command line and click on the button several times:
$ ./gui
You'll get:
From GUI: Received a 10 (SIGUSR1) signal sent from the suid
From SUID: Ok, go on!
6) Open a new tab in the command line and run the intruder (the GUI
remains running):
$ ./intruder
You'll get:
Foreign PID to use: 4301
From SUID: Stop, you're an intruder!
If you have a look at the code of both programs, they're trying to do
the same (using the intruder a foreign pid).
Keep in mind that, for our testing purposes, all the binaries must be
located in the same directory, since
we're using:
key_t key = ftok(".", 's');
to access the same shared memory segment.
Cheers,
Aitor.