From 232b396b15248b956dd18092649f378b0db8bd4d Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Thu, 2 Jul 2015 02:37:49 -0700 Subject: [PATCH] Replace dpkg with an insecure setuid root wrapper. --- MobileCydia.mm | 14 ++++++++++---- cydo.cpp | 9 +++++++++ makefile | 9 ++++++++- 3 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 cydo.cpp diff --git a/MobileCydia.mm b/MobileCydia.mm index ca91d086..d0b89fba 100644 --- a/MobileCydia.mm +++ b/MobileCydia.mm @@ -3988,9 +3988,9 @@ class CydiaLogCleaner : } } - (void) configure { - NSString *dpkg = [NSString stringWithFormat:@"dpkg --configure -a --status-fd %u", statusfd_]; + NSString *dpkg = [NSString stringWithFormat:@"/usr/libexec/cydo --configure -a --status-fd %u", statusfd_]; _trace(); - _root(system([dpkg UTF8String])); + system([dpkg UTF8String]); _trace(); } @@ -4092,7 +4092,7 @@ class CydiaLogCleaner : RestartSubstrate_ = true; _system->UnLock(); - pkgPackageManager::OrderResult result(_root(manager_->DoInstall(statusfd_))); + pkgPackageManager::OrderResult result(manager_->DoInstall(statusfd_)); if ([self popErrorWithTitle:title]) return; @@ -7918,7 +7918,7 @@ static void HomeControllerReachabilityCallback(SCNetworkReachabilityRef reachabi pid_t pid(ExecFork()); if (pid == 0) { - FILE *dpkg(_root(popen("dpkg --set-selections", "w"))); + FILE *dpkg(popen("/usr/libexec/cydo --set-selections", "w")); fwrite(package, strlen(package), 1, dpkg); if (on) @@ -10524,6 +10524,12 @@ int main(int argc, char *argv[]) { mkdir([Cache("lists/partial") UTF8String], 0755); mkdir([Cache("periodic") UTF8String], 0755); _config->Set("Dir::State::Lists", [Cache("lists") UTF8String]); + + std::string logs("/var/mobile/Library/Logs/Cydia"); + mkdir(logs.c_str(), 0755); + _config->Set("Dir::Log::Terminal", logs + "/apt.log"); + + _config->Set("Dir::Bin::dpkg", "/usr/libexec/cydia/cydo"); /* }}} */ /* Color Choices {{{ */ space_ = CGColorSpaceCreateDeviceRGB(); diff --git a/cydo.cpp b/cydo.cpp new file mode 100644 index 00000000..45836162 --- /dev/null +++ b/cydo.cpp @@ -0,0 +1,9 @@ +#include + +int main(int argc, char *argv[]) { + setuid(0); + setgid(0); + argv[0] = "/usr/bin/dpkg"; + execv(argv[0], argv); + return 1; +} diff --git a/makefile b/makefile index f47ab028..be185b62 100644 --- a/makefile +++ b/makefile @@ -137,11 +137,15 @@ setnsfpn: setnsfpn.cpp $(cycc) $(filter %.cpp,$^) $(flags) $(link) @ldid -T0 -S $@ +cydo: cydo.cpp + $(cycc) -std=c++11 $(filter %.cpp,$^) $(flags) $(link) -Wno-deprecated-writable-strings + @ldid -T0 -S $@ + postinst: postinst.mm Sources.mm Sources.h CyteKit/stringWithUTF8Bytes.mm CyteKit/stringWithUTF8Bytes.h CyteKit/UCPlatform.h $(cycc) -std=c++11 $(filter %.mm,$^) $(flags) $(link) -framework CoreFoundation -framework Foundation -framework UIKit @ldid -T0 -S $@ -debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion setnsfpn $(images) $(shell find MobileCydia.app) cydia.control Library/firmware.sh Library/move.sh Library/startup +debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion setnsfpn cydo $(images) $(shell find MobileCydia.app) cydia.control Library/firmware.sh Library/move.sh Library/startup sudo rm -rf _ mkdir -p _/var/lib/cydia @@ -154,6 +158,9 @@ debs/cydia_$(version)_iphoneos-arm.deb: MobileCydia preinst postinst cfversion s cp -a cfversion _/usr/libexec/cydia cp -a setnsfpn _/usr/libexec/cydia + cp -a cydo _/usr/libexec/cydia + sudo chmod 6755 _/usr/libexec/cydia/cydo + mkdir -p _/Library cp -a LaunchDaemons _/Library/LaunchDaemons -- 2.45.2