@davezarzycki
Created January 16, 2021 14:57
// Copyright (c) 2021 David Zarzycki
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
// IN THE SOFTWARE.
//
//===----------------------------------------------------------------------===//
//
// This program allows one to run a program with a temporary /tmp.
//
//===----------------------------------------------------------------------===//
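// Remember: sudo setcap cap_sys_admin+ep tmptmp
// unshare() requires this
#define _GNU_SOURCE
#include <sys/types.h>
#include <sys/mount.h>
#include <unistd.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>

// Report the failed call and exit. Unlike assert(), this check is not
// compiled out by -DNDEBUG, so a failed setgid()/setuid() can never fall
// through to execvp().
static void
check(int r, const char *what) {
  if (r != 0) {
    perror(what);
    exit(1);
  }
}

int
main(int argc, char *argv[]) {
  if (argc <= 1) {
    fprintf(stderr, "usage: %s <program> [args]\n", argv[0]);
    return 1;
  }

  // Give this process its own mount namespace.
  check(unshare(CLONE_NEWNS), "unshare");

  // Remount the new namespace "private" but do not use MS_REMOUNT because it
  // will silently fail. We need to do this, otherwise umount() will affect
  // all namespaces.
  check(mount("", "/", "", MS_PRIVATE | MS_REC, NULL), "mount / private");

  // Detach the existing /tmp mount. EINVAL means /tmp is not a mount point,
  // so there is nothing to detach and the tmpfs simply covers the directory.
  if (umount2("/tmp", MNT_DETACH) != 0 && errno != EINVAL) {
    perror("umount2 /tmp");
    return 1;
  }

  // Mount a fresh tmpfs that only this namespace can see.
  check(mount("", "/tmp", "tmpfs", 0, NULL), "mount tmpfs on /tmp");

  // Is there a way to explicitly drop capabilities?
  check(setgid(getgid()), "setgid");
  check(setuid(getuid()), "setuid");

  execvp(argv[1], argv + 1);
  perror("execvp");
  return 1;
}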