El 08/09/18 a las 11:47, aitor_czr escribió:
The idea is very simple. The GUI and the suid binary will contain a
non-existent header:
#include "key.h"
The key.h file will contain an unique line (the random definition of
the KEY varible) edited by CMake during the compilation. For example:
var1="#define KEY "
var2=`tr -cd '[:alnum:]' < /dev/urandom | fold -w32 | head -n1`
echo "${var1}\"${var2}\"" > key.h
would generate something like this:
#define KEY "X1AULvFge6Tgq1p9BZat4EEVqAwaCnsB"
and then, the suid binary only will be able to be run from the GUI,
built together with it.
Cheers,
Aitor.
The CLI version of simple-netaid will ask you for root's password.
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
