Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
How can I determine if a command is successful or exists in C? This will need to be compatible with multiple architectures and routers (don't ask haha)
I was thinking of using popen or system or exec(v)(l). But the command I want to check for is sendmail. Since sendmail is a command that runs forever with no output this will be a little hard to do. Any ideas?
Thanks in advance.
If you know the path to sendmail, then as per the comments, use stat to check if it exists and is executable. If you know the search path then iterate through it and check each one.
If not - you could pass it /dev/null as stdin, in which case it will print an error message and exit. Then you can inspect the exit code from the process - for POSIX systems, the exit code will be 127 if the command could not be executed:
int rc = system("sendmail </dev/null 2>/dev/null");
if (WEXITSTATUS(rc)!=127) {
/* sendmail was found */
}
Of course this requires /dev/null to exist and shell redirects to be available.
I redirected stderr also, otherwise you will get error messages output from sendmail.
Just try to use it. If it's there, and you can execute it, it'll work. If it isn't, it won't and you can see why in errno.
The reason you don't try to check beforehand is twofold, and it's the same with files as with executables. First, you might get the check wrong. A lot of people will make the mistake of checking if a file exists and then wonder why opening it fails. They forgot to check if it's readable. There's no need to duplicate all these checks, just try to open it and see.
The second is it invites a race condition. For example, let's say you have two processes working on the same file. Time is moving down.
Process 1 Process 2
Check if file is readable.
It's readable!
Make the file unreadable.
Open that file.
File fails to open.
That's a very simple example, there are far, far worse consequences to a race condition. It illustrates that checking if a resource can be used and using that resource must be atomic: it has to happen in one single uninterruptible operation.
Avoid popen and system where you can. They run the command through the shell which invites security holes and unintended consequences of non-alphanumeric characters. Instead, use one of the exec[lv]p functions that will search the PATH for the executable without invoking a shell.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Improve this question
I need to write a C program that launches another program with a modified priority, much as as the nice command does. In order to do that, I would like to find the PID of a process given as an argument (how can I do that?) and modify its priority level (how can I do that?).
Example: The command line might be ./a.out 5 sleep 500 &, and this should produce the same effect as nice -n 5 sleep 500&.
You are focusing on the wrong thing and therefore approaching the problem with the wrong idea. The key requirement is that your program must execute a specified command. Focusing on that will lead you toward how to achieve the process priority goal, at least by helping you frame the question more usefully. For example, you don't need to find any PID, because you don't need to adjust the niceness of an arbitrary process.
So how do you programmatically launch another command? The typical way would be to use one of the functions from the exec family. Since the program name and arguments are comming from the command line, execvp() is probably your best choice.
If you read their docs, you will find that the exec functions replace the process image in the current process. That is, they make the process in which they are called start and run a different program in place of the one it was running before. If the command you're going to launch will run in the current process, then it's the current process whose niceness you want to adjust, and for that there is nice().
You shouldn't need much more than those two functions and a little command-line parsing. Do read those functions' documentation carefully, however, especially execvp()'s, to make sure you set up the arguments correctly.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have created 6 Sockets and simultaneously listening to all of them using select. I want to find out how much time does the CPU take switching from 1 socket to another. Does anyone know; if not can someone guide me please on how to compute this problem!
I think you may have misunderstood what the select call is actually doing, the man page for select says the following:
Three independent sets of file descriptors are watched. Those
listed in readfds will be watched to see if characters become
available for reading (more precisely, to see if a read will not
block; in particu- lar, a file descriptor is also ready on
end-of-file), those in writefds will be watched to see if a
write will not block, and those in exceptfds will be watched for
exceptions. On exit, the sets are modified in place to indicate
which file descriptors actually changed status. Each of the three
file descriptor sets may be specified as NULL if no file descriptors
are to be watched for the corresponding class of events.
So when your call to select returns what it will tell you is which, if any, of the file descriptors are (in your case) ready to be read from. It's then up to you to decide which to read and how to read it.
If you can I'd reccomend tracking down a copy of Unix Network Programming (by Stevens, Fenner, Rudoff). This will give you all the background information and example C code that you will ever want on network programming.
Or look at the tutorial here
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
access() Security Hole
I quote from man page access(2):
Warning: Using access() to check if a user is authorized to, for example, open a file before actually doing so using open(2) creates a security hole, because the user might exploit the short time interval between checking and opening the file to manipulate it. For this reason, the use of this system call should be avoided.
What does this mean, and in what situation would it be a concern?
It is a classic "Time of check to time of use" race condition.
This is a security concern only for Set-user-ID and set-group-ID applications. For applications running as the user itself there is no threat, because the operation in question would be rejected by the operating system anyway.
Consider this scenario: you have a UNIX program running as root via set-user-id. The program uses access to check file permissions of another user, and then runs the file as root, but only if the permission check has been successful. Let's say the program is called securerun, and you run it as follows:
securerun myfile
An attacker can make a program that exploits this security hole to run, using this algorithm:
Write a file xyz of which the user has executing permissions
Start two threads, A and B
Thread A waits a few milliseconds, and executes cp norunning xyz to replace xyz with a file that the attacker wants to run, but has no run permissions to do so
Thread B calls securerun xyz
If the attacker gets lucky by getting his timing right, your securerun would check the execute permissions on the old xyz, but it would run the new xyz, a copy of norunning that the hacker wasn't supposed to run. Since there is a short time window between the check and the execution, the attacker is bound to get lucky at some point, if he tries his strategy many times in a loop.
Typical erroneous code:
Use access to check whether to read file on user's behalf, in a program running with elevated privileges
Short gap here
Open file
During the "short gap", the user might be able to manipulate the file system, for example:
ln -f secret_file.txt non_secret_file.txt
Then open will open the secret file for reading, even though it would have failed the access check had the link been in place at the time the check was done.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Issuing system commands in Linux from C, C++
I see on some text that it is not good to use system() call in linux programming, I wonder what are the real reasons of it? It should consume more memory and maybe more CPU. Apart from these what could be the reason?
For example, if I type system("echo 1 > file"); instead of using fopen(), fwrite() what a hacker can do in my program/linux system? I saw that system() is not advise because of security issues. But how a person can hack a linux system just because of using system() call? I would be glad if someone can explain tangibly what could go bad to use system().
Using system("echo 1 > file"); literally isn't a security risk, just a needless execution of another process where you don't need one.
The risk comes in when you build a string programmatically and then use it with system(). Then you have a risk of Shell Command Injection, where you thought you were building one command, but a malicious user subverts your program by giving you carefully crafted inputs that cause your command to do something you didn't expect.
The problem is that you are trusting the string passed into system to be safe from a trusted source. Suppose you had something like this:
char *command = null;
//Read command from external source;
system(command);
would you able to trust command was safe and not to do something nasty like "rm -fr ~/*" ? Using fopen doesn't make you necessary safe either though because again a hacker could just pass in a name of file such /etc/passwd and read that which you don't want. the bottom line where you program interfaces with the outside world. that is where you to put in some validation and restriction to what an external user can do
System(3) starts another process and runs a command interpreter ("/bin/sh -c") to execute your command. This can be a problem if your program is running with a SUID or SGID bit. The behaviour of the shell is controlled by many environment variables and some of these may be used to gain control of the command interpreter. This situation is similar to executing a SUID or SGID shell script.
For a programming assignment, we have the following requirements:
It needs to be a command-line program written in C.
It needs to read text from a text document. However, we are to do this by using the Unix redirection operator < when running the program rather than having the program load the file itself. (So the program reads the text by pretending it's reading from stdin.)
After reading the data from the file, the program is to poll the user for some extra information before doing its job.
After much research, I can't find a way to retrieve the "old" stdin in order to accomplish part (3). Does anybody know how or if this is even possible?
Technically part (3) is part of a bonus section, which the instructor probably didn't implement himself (it's very lengthy), so it's possible that this is not possible and it's an oversight on his part. However, I certainly don't want to jump to this conclusion.
On linux, i would open the controlling terminal /dev/tty.
Which OS? On Linux the usual trick to accomplish this is to check if stderr is still connected to a tty:
if (isatty(2))
and if so, open a new reading file descriptor to that terminal:
new_stdin = open("/proc/self/fd/2", O_RDONLY);
then duplicate the new file descriptor to stdin (which closes the old stdin):
dup2(new_stdin, 0);
(If stderr has also been redirected, then isatty(2) will return false and you'll have to give up.)
If you run the program like this:
myprog 3<&0 < filename
then you get file descriptor 3 set up for you as a duplicate of stdin. I don't know if this meets the requirements of your assignment, but it might be worth an experiment.