Diffstat (limited to 'bin')
-rw-r--r-- | bin/Makefile | 16 | ||||
-rw-r--r-- | bin/lua-privsep.c | 58 |
2 files changed, 74 insertions, 0 deletions
diff --git a/bin/Makefile b/bin/Makefile
new file mode 100644
index 0000000..e0e03cb
--- /dev/null
+++ b/bin/Makefile
@@ -0,0 +1,16 @@
+
+COMPILE_PROG = $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $($@_objs) $($@_libs)
+
+
+PKGCONF ?= pkg-config
+
+LUA_PKG ?= lua
+LUA_CFLAGS := $(shell $(PKGCONF) --cflags $(LUA_PKG))
+LUA_LIBS := $(shell $(PKGCONF) --libs $(LUA_PKG))
+
+lua-privsep_objs = lua-privsep.o
+lua-privsep_libs = $(LUA_LIBS)
+
+lua-privsep: $(lua-privsep_objs)
+ $(COMPILE_PROG)
+
diff --git a/bin/lua-privsep.c b/bin/lua-privsep.c
new file mode 100644
index 0000000..1e165e1
--- /dev/null
+++ b/bin/lua-privsep.c
@@ -0,0 +1,58 @@
+#include <stdio.h>
+
+#include <lua.h>
+#include <lauxlib.h>
+#include <lualib.h>
+
+#ifndef PRIVSEP_PATH
+#define PRIVSEP_PATH "./"
+#endif
+
+static int traceback (lua_State *L) {
+ if (!lua_isstring(L, 1)) /* 'message' not a string? */
+ return 1; /* keep it intact */
+ fprintf(stderr, "traceback\n");
+ lua_getfield(L, LUA_GLOBALSINDEX, "debug");
+ if (!lua_istable(L, -1)) {
+ fprintf(stderr, "traceback: debug\n");
+ lua_pop(L, 1);
+ return 1;
+ }
+
+ lua_getfield(L, -1, "traceback");
+ if (!lua_isfunction(L, -1)) {
+ fprintf(stderr, "traceback: traceback\n");
+ lua_pop(L, 2);
+ return 1;
+ }
+
+ lua_pushvalue(L, 1); /* pass error message */
+ lua_pushinteger(L, 2); /* skip this function and traceback */
+ lua_call(L, 2, 1); /* call debug.traceback */
+ return 1;
+}
+
+int main(int argc, char *argv[])
+{
+ const char *luamain = PRIVSEP_PATH "privileged-main.lua";
+ int i, traceback_index;
+
+ lua_State *L = luaL_newstate();
+ luaL_openlibs(L);
+
+ lua_pushcfunction(L, traceback);
+ traceback_index = lua_gettop(L);
+
+ if (luaL_loadfile(L, luamain))
+ return luaL_error(L, "%s", luamain);
+
+ for (i = 1; i < argc; i++)
+ lua_pushstring(L, argv[i]);
+
+ if (lua_pcall(L, argc-1, 0, traceback_index))
+ return luaL_error(L, "error");
+
+
+ return 0;
+}
+
|
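Review bot: `LUA_CFLAGS` is computed from pkg-config but nothing in the lines shown uses it, so lua-privsep.o is built by make's implicit rule with plain `$(CFLAGS)` and `<lua.h>` is found only if it happens to be on the default include path; add `CFLAGS += $(LUA_CFLAGS)`. The build also never defines `PRIVSEP_PATH`, so bin/lua-privsep.c falls back to `"./"` and loads `privileged-main.lua` relative to the caller's working directory. If this helper runs with more privilege than its caller, as the name suggests, the party that controls the working directory chooses the script it executes. Pass an absolute, root-owned install directory at build time, e.g. `CFLAGS += -DPRIVSEP_PATH='"$(PRIVSEP_DIR)/"'`, where `PRIVSEP_DIR` is a placeholder for a variable the packager sets.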
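Review bot: The `for` loop in `main` pushes every `argv[i]` with `lua_pushstring` without reserving stack space, and the Lua C API guarantees only LUA_MINSTACK free slots, so a long caller-supplied argument list can write past the Lua stack. Both `return luaL_error(...)` calls also run outside any protected call, so they end in Lua's panic handler rather than returning, and the message that `luaL_loadfile` or `lua_pcall` left on the stack (including the traceback) is never printed. `luaL_newstate()` can return NULL and is passed to `luaL_openlibs` unchecked. The sketch below reserves slots with `lua_checkstack`, prints the stacked error to stderr and exits non-zero; the default `PRIVSEP_PATH` of `"./"` deserves an absolute path as well, since the script is resolved against the caller's working directory.

```c
    lua_State *L = luaL_newstate();
    if (L == NULL) {
        fputs("lua-privsep: cannot create Lua state\n", stderr);
        return 1;
    }
    /* … unchanged: luaL_openlibs, traceback handler setup … */

    if (luaL_loadfile(L, luamain)) {
        const char *msg = lua_tostring(L, -1);
        fprintf(stderr, "%s\n", msg ? msg : "(non-string error object)");
        return 1;
    }

    /* only LUA_MINSTACK slots are guaranteed; reserve room for the arguments */
    if (!lua_checkstack(L, argc)) {
        fputs("lua-privsep: too many arguments\n", stderr);
        return 1;
    }
    /* … unchanged: argv push loop … */

    if (lua_pcall(L, argc-1, 0, traceback_index)) {
        const char *msg = lua_tostring(L, -1);
        fprintf(stderr, "%s\n", msg ? msg : "(non-string error object)");
        return 1;
    }
```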