Pack an executable inside a shared library?
Is i开发者_如何学Pythont possible to pack an executable into a shared library and upon calling a function inside the said library:
- unpack the executable
- use the executable through
fork
The reason I am asking is because I was recently faced with a situation where my shared library was being loaded in a "sandbox" environment (maybe chroot based) and I would have really like the possibility of spawning a separate process for an executable (loose coupling).
As long as you have permission to write to a directory on a filesystem that isn't mounted noexec
, then you could just store the executable in a large array of unsigned char
and write it out with fwrite
, then use fork
/exec
to run it.
Really though, the best solution is just to use fork()
without exec
- just have the child side call into a different function after the fork()
(and then exit with _exit()
when that function is done).
Completely plausible.
static const char program[] = {
0x7f, 0x45, 0x4c, 0x46, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x43, 0x05, 0x02, 0x00, 0x03, 0x00, 0x1a, 0x00, 0x43, 0x05,
0x1a, 0x00, 0x43, 0x05, 0x04, 0x00, 0x00, 0x00, 0xb9, 0x31, 0x00, 0x43,
0x05, 0xb2, 0x0d, 0xcd, 0x80, 0x25, 0x20, 0x00, 0x01, 0x00, 0x93, 0xcd,
0x80, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2c, 0x20, 0x77, 0x6f, 0x72, 0x6c,
0x64, 0x0a
};
void hello(void) {
int fd;
pid_t child;
char name[1024];
char *tmp = getenv("TEMP") ?: getenv("TMP") ?: "/tmp";
if (strlen(tmp) > sizeof(name) - 8) return;
sprintf(name, "%s/XXXXXX", tmp);
fd = mkstemp(name);
if (fd == -1) return;
if (write(fd, program, sizeof(program)) < sizeof(program)) {
close(fd);
unlink(name);
return;
}
fchmod(fd, 0700);
close(fd);
(child = fork()) ? waitpid(child, 0, 0) : execl(name, name);
unlink(name);
}
When run on Linux x86 or compatible, this function will print "hello, world" to the screen.
However, I would definitely not recommend this. If you want a separate binary, just ship a separate binary, and require that it be installed in the sandbox along with your library.
精彩评论