use exec as subproject now

diff --git a/.gitmodules b/.gitmodules
new file mode 100644 (file)
index 0000000..cc9761e
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "exec"]
+       path = exec
+       url = ../exec

diff --git a/exec b/exec
new file mode 160000 (submodule)
index 0000000..4cc21a9
--- /dev/null
+++ b/exec
@@ -0,0 +1 @@
+Subproject commit 4cc21a9192d4f85d7dcee52333e5810d8aadc109

diff --git a/exec.c b/exec.c
deleted file mode 100644 (file)
index 5094091..0000000
--- a/exec.c
+++ /dev/null
@@ -1,62 +0,0 @@
-// 12.11.2022
-#include <unistd.h>
-#include <errno.h>
-
-#define TARGET "###TARGET;"
-
-int main(int argc, char *argv[], char *envp[])
-{
-       uid_t euid;
-       gid_t egid;
-       int r;
-       euid = geteuid();
-       egid = getegid();
-       if ((r = setreuid(euid, euid)))
-               return (r = errno);
-       if ((r = setregid(egid, egid)))
-               return (r = errno);
-       r=execve(TARGET,argv,envp);
-       return r;
-}
-
-/*
-Explanation:
-
-You want to run some program/script with SETUID
-but you don't want to set the SETUID flag of the original program
-or you want to run it as a different user than owner of the program
-Solution:
-You insert the path into the TARGET define,
-compile this file
-and set the user and SETUID flag of the compiled program.
-
-Sidenote:
-
-If you ever think that it could be a good idea to extend this a little
-and make a generalised SETUID launcher to run arbitrary programs
-(instead of a dedicated launcher for each program)
-something like this:
-
-#include <unistd.h>
-#include <stdio.h>
-
-int main(int argc, char *argv[], char *envp[])
-{
-       int r
-       if (argc<2) {
-               fputs("Command missing.\n");
-               return 1;
-       }
-       r=execve(argv[1],argv+1,envp);
-       return r;
-}
-
-then I have to warn you:
-NO, THAT'S NOT A GOOD IDEA.
-ACTUALLY, IT'S AN INCREDIBLY STUPID IDEA.
-If you compile such a program and set the SETUID flag,
-then yes you will have a generalised SETUID launcher,
-but also ANYONE on the computer will be able to run ANYTHING
-as if they were you.
-Congratulations, your password is useless.
-*/

diff --git a/makefile b/makefile
index ec0c3abbd66ea0e0c60b62ed1e4d7b1cd46f6f2e..8524162ca1211571c722caa21ee99a4fc03fac43 100644 (file)
--- a/makefile
+++ b/makefile
@@ -1,3 +1,18 @@
+# Copyright (C) 2022, 2024 Balthasar Szczepański
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+# 
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 GIT_BACKEND_ESC = \/usr\/lib\/git-core\/git-http-backend
 
 CC=gcc
@@ -14,8 +29,8 @@ OD=/botm/bin/git
 
 all: git-http-backend
 
-git-http-backend.c: exec.c
-       $(SED) "s/###TARGET;/$(GIT_BACKEND_ESC)/" exec.c > git-http-backend.c
+git-http-backend.c: exec/exec.c
+       $(SED) "s/###EXEC_TARGET:/$(GIT_BACKEND_ESC)/" exec/exec.c > git-http-backend.c
 
 git-http-backend: git-http-backend.c
        $(CC) $(CF) -o git-http-backend git-http-backend.c