Replace dpkg with an insecure setuid root wrapper.

diff --git a/MobileCydia.mm b/MobileCydia.mm
index ca91d0868253d43594b5a4463a9eb27f88d19604..d0b89fba0b2df53eaca7f339a95d5fb354c7a3de 100644 (file)
--- a/MobileCydia.mm
+++ b/MobileCydia.mm
@@ -3988,9 +3988,9 @@ class CydiaLogCleaner :
 } }
 
 - (void) configure {
-    NSString *dpkg = [NSString stringWithFormat:@"dpkg --configure -a --status-fd %u", statusfd_];
+    NSString *dpkg = [NSString stringWithFormat:@"/usr/libexec/cydo --configure -a --status-fd %u", statusfd_];
     _trace();
-    _root(system([dpkg UTF8String]));
+    system([dpkg UTF8String]);
     _trace();
 }
 
@@ -4092,7 +4092,7 @@ class CydiaLogCleaner :
         RestartSubstrate_ = true;
 
     _system->UnLock();
-    pkgPackageManager::OrderResult result(_root(manager_->DoInstall(statusfd_)));
+    pkgPackageManager::OrderResult result(manager_->DoInstall(statusfd_));
     if ([self popErrorWithTitle:title])
         return;
 
@@ -7918,7 +7918,7 @@ static void HomeControllerReachabilityCallback(SCNetworkReachabilityRef reachabi
 
     pid_t pid(ExecFork());
     if (pid == 0) {
-        FILE *dpkg(_root(popen("dpkg --set-selections", "w")));
+        FILE *dpkg(popen("/usr/libexec/cydo --set-selections", "w"));
         fwrite(package, strlen(package), 1, dpkg);
 
         if (on)
@@ -10524,6 +10524,12 @@ int main(int argc, char *argv[]) {
     mkdir([Cache("lists/partial") UTF8String], 0755);
     mkdir([Cache("periodic") UTF8String], 0755);
     _config->Set("Dir::State::Lists", [Cache("lists") UTF8String]);
+
+    std::string logs("/var/mobile/Library/Logs/Cydia");
+    mkdir(logs.c_str(), 0755);
+    _config->Set("Dir::Log::Terminal", logs + "/apt.log");
+
+    _config->Set("Dir::Bin::dpkg", "/usr/libexec/cydia/cydo");
     /* }}} */
     /* Color Choices {{{ */
     space_ = CGColorSpaceCreateDeviceRGB();

diff --git a/cydo.cpp b/cydo.cpp
new file mode 100644 (file)
index 0000000..4583616
--- /dev/null
+++ b/cydo.cpp
@@ -0,0 +1,9 @@
+#include <unistd.h>
+
+int main(int argc, char *argv[]) {
+    setuid(0);
+    setgid(0);
+    argv[0] = "/usr/bin/dpkg";
+    execv(argv[0], argv);
+    return 1;
+}

diff --git a/makefile b/makefile
index f47ab0283d352cbe559d21e720ddccde59ace447..be185b62b2f36af47f17ddbac45fcfec51e84a07 100644 (file)
--- a/makefile
+++ b/makefile
@@ -137,11 +137,15 @@ setnsfpn: setnsfpn.cpp
        $(cycc) $(filter %.cpp,$^) $(flags) $(link)
        @ldid -T0 -S $@
 
+cydo: cydo.cpp
+       $(cycc) -std=c++11 $(filter %.cpp,$^) $(flags) $(link) -Wno-deprecated-writable-strings
+       @ldid -T0 -S $@
+
 postinst: postinst.mm Sources.mm Sources.h CyteKit/stringWithUTF8Bytes.mm CyteKit/stringWithUTF8Bytes.h CyteKit/UCPlatform.h
        $(cycc) -std=c++11 $(filter %.mm,$^) $(flags) $(link) -framework CoreFoundation -framework Foundation -framework UIKit
        @ldid -T0 -S $@
 
-debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion setnsfpn $(images) $(shell find MobileCydia.app) cydia.control Library/firmware.sh Library/move.sh Library/startup
+debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion setnsfpn cydo $(images) $(shell find MobileCydia.app) cydia.control Library/firmware.sh Library/move.sh Library/startup
        sudo rm -rf _
        mkdir -p _/var/lib/cydia
        
@@ -154,6 +158,9 @@ debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion s
        cp -a cfversion _/usr/libexec/cydia
        cp -a setnsfpn _/usr/libexec/cydia
        
+       cp -a cydo _/usr/libexec/cydia
+       sudo chmod 6755 _/usr/libexec/cydia/cydo
+       
        mkdir -p _/Library
        cp -a LaunchDaemons _/Library/LaunchDaemons