Voir :
Voir aussi :
#include <stdio.h> #include <string.h> #include <malloc.h> main(int argc, char **argv) { int i, size; #define SEPARATEUR " " char *cmdline; for (i=1; i < argc; i++) size += strlen(SEPARATEUR) + strlen(argv[i]); cmdline = malloc(size); if (cmdline ) { memset(cmdline, 0, size); for (i=1; i < argc; i++) { strcat(cmdline, argv[i]); strcat(cmdline, SEPARATEUR); } } printf("-- %s --", cmdline); system(cmdline); }
Voir : https://stackoverflow.com/questions/2146059/limiting-syscall-access-for-a-linux-application
Is the application linked statically?
If not, you may override some symbols, for example, let's redefine socket:
int socket(int domain, int type, int protocol) {
write(1,"Error\n",6);
return -1;
}
Then build a shared library:
gcc -fPIC -shared test.c -o libtest.so
Let's run:
nc -l -p 6000
Ok.
And now:
$ LD_PRELOAD=./libtest.so nc -l -p 6000 Error Can't get socket
What happens when you run with variable LD_PRELOAD=./libtest.so? It overrides with symbols defined in libtest.so over those defined in the C library.
$ man gets
...
(DEPRECATED)
Never use this function.
BUGS
Never use gets(). Because it is impossible to tell without knowing the data in advance how many characters gets() will read, and because gets() will continue to store characters past the end of the
buffer, it is extremely dangerous to use. It has been used to break computer security. Use fgets() instead.
For more information, see CWE-242 (aka "Use of Inherently Dangerous Function") at http://cwe.mitre.org/data/definitions/242.html
...