1#!/usr/bin/perl 2# Emacs settings: -*- tab-width: 4 -*- 3# 4# File: installtool 5# 6# Abstract: Copy "ddnswriteconfig" to Application Support and make it setuid root. 7# 8# Copyright: (c) Copyright 2005 Apple Computer, Inc. All rights reserved. 9# 10# Disclaimer: IMPORTANT: This Apple software is supplied to you by Apple Computer, Inc. 11# ("Apple") in consideration of your agreement to the following terms, and your 12# use, installation, modification or redistribution of this Apple software 13# constitutes acceptance of these terms. If you do not agree with these terms, 14# please do not use, install, modify or redistribute this Apple software. 15# 16# In consideration of your agreement to abide by the following terms, and subject 17# to these terms, Apple grants you a personal, non-exclusive license, under Apple's 18# copyrights in this original Apple software (the "Apple Software"), to use, 19# reproduce, modify and redistribute the Apple Software, with or without 20# modifications, in source and/or binary forms; provided that if you redistribute 21# the Apple Software in its entirety and without modifications, you must retain 22# this notice and the following text and disclaimers in all such redistributions of 23# the Apple Software. Neither the name, trademarks, service marks or logos of 24# Apple Computer, Inc. may be used to endorse or promote products derived from the 25# Apple Software without specific prior written permission from Apple. Except as 26# expressly stated in this notice, no other rights or licenses, express or implied, 27# are granted by Apple herein, including but not limited to any patent rights that 28# may be infringed by your derivative works or by other works in which the Apple 29# Software may be incorporated. 30# 31# The Apple Software is provided by Apple on an "AS IS" basis. APPLE MAKES NO 32# WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED 33# WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR 34# PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND OPERATION ALONE OR IN 35# COMBINATION WITH YOUR PRODUCTS. 36# 37# IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR 38# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 39# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 40# ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION, MODIFICATION AND/OR DISTRIBUTION 41# OF THE APPLE SOFTWARE, HOWEVER CAUSED AND WHETHER UNDER THEORY OF CONTRACT, TORT 42# (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF APPLE HAS BEEN 43# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 44# 45# Create the Bonjour subdirectory. 46# Copy ARGV[0] to $dest and set owner and suid permissions. 47# 48# This script will be run as root by the AEWP trampoline. 49# 50 51use File::Temp qw/ :mktemp /; 52 53$dest_dir = "/Library/Application Support/Bonjour"; 54$dest = $dest_dir . "/ddnswriteconfig"; 55 56$template = ".XXXXXX"; 57 58# Perl seems to think this code is running setuid root, so it applies its security checks. 59# See <http://www.monster-submit.com/resources/docs/pod/perlsec.html>. 60# In fact this is NOT a setuid script. It is a normal unprivileged user-level script -- 61# but it is run as root when properly authorized by a user with an admin password, 62# via the AuthorizationExecuteWithPrivileges() call. 63# We therefore have to do this trick pattern match to 'untaint' the source file specified in $ARGV[0]. 64if ($ARGV[0] =~ /^(.+)$/) { $src = $1; } 65 66# Also clear $ENV{PATH} so we don't get "Insecure $ENV{PATH}" fatal errors 67$ENV{PATH} = ""; 68 69if (! -d $dest_dir) { 70 $dest_tmp_dir = mkdtemp ($dest_dir . $template); 71 (chown 0, 80, $dest_tmp_dir) or cleanup_dir(); 72 (chmod 0755, $dest_tmp_dir) or cleanup_dir(); 73 (rename $dest_tmp_dir, $dest_dir) or cleanup_dir(); 74} 75 76$dest_tmp = mktemp ($dest . $template); 77 78if ($src ne '') { 79 system ('/bin/cp', '-f', $src, $dest_tmp) and cleanup(); 80 (chown 0, 80, $dest_tmp) or cleanup(); 81 (chmod 04555, $dest_tmp) or cleanup(); 82 (rename $dest_tmp, $dest) or cleanup(); 83} 84exit (0); 85 86sub cleanup { 87 unlink $dest_tmp; 88 exit (1); 89} 90 91sub cleanup_dir { 92 unlink $dest_tmp_dir; 93 exit (1); 94} 95