VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Core/Unix/CoreService.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/Core/Unix/CoreService.cpp')
-rw-r--r--src/Core/Unix/CoreService.cpp30
1 files changed, 24 insertions, 6 deletions
diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp
index 7071f71c..c2eb2bf0 100644
--- a/src/Core/Unix/CoreService.cpp
+++ b/src/Core/Unix/CoreService.cpp
@@ -300,7 +300,14 @@ namespace VeraCrypt
// We are using -n to avoid prompting the user for a password.
// We are redirecting stderr to stdout and discarding both to avoid any output.
// This approach also works on newer macOS versions (12.0 and later).
- FILE* pipe = popen("sudo -n -l > /dev/null 2>&1", "r"); // redirect stderr to stdout and discard both.
+ std::string errorMsg;
+
+ string sudoAbsolutePath = Process::FindSystemBinary("sudo", errorMsg);
+ if (sudoAbsolutePath.empty())
+ throw SystemException(SRC_POS, errorMsg);
+
+ std::string popenCommand = sudoAbsolutePath + " -n -l > /dev/null 2>&1"; // We redirect stderr to stdout (2>&1) to be able to catch the result of the command
+ FILE* pipe = popen(popenCommand.c_str(), "r");
if (pipe)
{
// We only care about the exit code
@@ -396,15 +403,26 @@ namespace VeraCrypt
{
try
{
+ // Throw exception if sudo is not found in secure locations
+ std::string errorMsg;
+ string sudoPath = Process::FindSystemBinary("sudo", errorMsg);
+ if (sudoPath.empty())
+ throw SystemException(SRC_POS, errorMsg);
+
+ string appPath = request.ApplicationExecutablePath;
+ // if appPath is empty or not absolute, use FindSystemBinary to get the full path of veracrpyt executable
+ if (appPath.empty() || appPath[0] != '/')
+ {
+ appPath = Process::FindSystemBinary("veracrypt", errorMsg);
+ if (appPath.empty())
+ throw SystemException(SRC_POS, errorMsg);
+ }
+
throw_sys_if (dup2 (inPipe->GetReadFD(), STDIN_FILENO) == -1);
throw_sys_if (dup2 (outPipe->GetWriteFD(), STDOUT_FILENO) == -1);
throw_sys_if (dup2 (errPipe.GetWriteFD(), STDERR_FILENO) == -1);
- string appPath = request.ApplicationExecutablePath;
- if (appPath.empty())
- appPath = "veracrypt";
-
- const char *args[] = { "sudo", "-S", "-p", "", appPath.c_str(), TC_CORE_SERVICE_CMDLINE_OPTION, nullptr };
+ const char *args[] = { sudoPath.c_str(), "-S", "-p", "", appPath.c_str(), TC_CORE_SERVICE_CMDLINE_OPTION, nullptr };
execvp (args[0], ((char* const*) args));
throw SystemException (SRC_POS, args[0]);
}