I am making a Cydia app that has permission to install files. I need to be able to gain root access to /Applications for this. I have looked aquí, but it was a little unclear. Could anybody explain it a little better?
preguntado el 10 de marzo de 12 a las 01:03
Never use system with setuid! If, for example, a malicious individual were to change the
PATH para ser
/tmp:$PATH, and this person added their own program to /tmp and named it "ls", then even running this simple code would give them root access to your device:
Instead, you should use the exec family of functions, but not execvp/execlp.
puedes usar esto
setuid( 0 ); system( "/path/to/script.sh" );
where path to script is a script in your app that would install files
setuid( 0 ); system( "cmd" );
where cmd is a command such as
setuid( 0 ); system( "echo Hello World" );
You can also log this way to the
/tmp directory or any other place.
setuid( 0 ); system( "echo Hello World >> /tmp/install.log" );
setuid (0); gives it root access and
system (cmd); is the actual command
Be careful on how you use this as root has access to everywhere.