From 7ae2d8824ab59dfbda6eaf7f621b6d3bfdec56e7 Mon Sep 17 00:00:00 2001
From: Timotej Lazar <timotej.lazar@fri.uni-lj.si>
Date: Wed, 14 Oct 2015 12:03:21 +0200
Subject: Add support for command arguments to sandbox

---
 python/runner/sandbox.c    | 17 ++++++++++-------
 python/runner/terminator.c |  3 +--
 2 files changed, 11 insertions(+), 9 deletions(-)

(limited to 'python')

diff --git a/python/runner/sandbox.c b/python/runner/sandbox.c
index 4576060..7da8dd2 100644
--- a/python/runner/sandbox.c
+++ b/python/runner/sandbox.c
@@ -1,19 +1,23 @@
-#include <fcntl.h>
 #include <pwd.h>
 #include <stdio.h>
-#include <sys/prctl.h>
+#include <stdlib.h>
 #include <sys/resource.h>
-#include <sys/stat.h>
-#include <sys/types.h>
 #include <unistd.h>
 
 int main(int argc, char* argv[])
 {
 	if (argc < 3) {
-		fprintf(stderr, "usage: %s USERNAME FILE\n", argv[0]);
+		fprintf(stderr, "usage: %s USERNAME FILE [ARGS...]\n", argv[0]);
 		return 1;
 	}
 
+	// initialize arguments for the sandboxed command
+	char** args = malloc((argc-1) * sizeof(char*));
+	int i;
+	for (i = 0; i < argc-2; i++)
+		args[i] = argv[i+2];
+	args[argc-2] = (char*)0;
+
 	// switch user (requires root or "setcap cap_setuid,cap_setgid+ep")
 	char const* username = argv[1];
 	struct passwd const* pw = getpwnam(username);
@@ -42,6 +46,5 @@ int main(int argc, char* argv[])
 	if ((ret = setrlimit(RLIMIT_NPROC, &nproc_limit)) != 0)
 		fprintf(stderr, "setrlimit(NPROC) returned %d\n", ret);
 
-	char* const args[] = { argv[2], (char*)0 };
-	return execvp(argv[2], args);
+	return execvp(args[0], args);
 }
diff --git a/python/runner/terminator.c b/python/runner/terminator.c
index 0706957..9eaca83 100644
--- a/python/runner/terminator.c
+++ b/python/runner/terminator.c
@@ -2,8 +2,7 @@
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
+#include <unistd.h>
 
 int main(int argc, char* argv[])
 {
-- 
cgit v1.2.1