Freitag, 1. Februar 2013

run vlc as root

The best video player in the world is VLC. But when I try to run it I get the following error message:

VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use vlc-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).

That's nonsense to my opinion so I want to remove it. Re-compiling takes time and knowledge about video codex so I want a shorter way. Just editing the executable file /usr/bin/vlc will work:

cp /usr/bin/vlc /usr/bin/vlc-backup
needle=$(objdump -d /usr/bin/vlc | grep euid | tail -1 | awk '{print "\\x"$2"\\x"$3"\\x"$4"\\x"$5"\\x"$6;}')
sed -ir "s/$needle/\xb8\x01\x00\x00\x00/" /usr/bin/vlc

and it works, vlc runs as root now.

How did I do this

Glad you asked this question - it will take us through a journey of the gnu debugger, disassembling programs and editing hex files that is actually very interesting.

Let's look at the functions that are contained in vlc. Open a console and type:

# which vlc
/usr/bin/vlc
# gdb /usr/bin/vlc
[...]
(gdb) info functions
All defined functions:

Non-debugging symbols:
[...]
0x0000000000400f40  geteuid
[...]
 
Ok so there is a function geteuid to find out the effective User ID. Let's disassemble vlc to find out when this is called:

objdump -d -M intel /usr/bin/vlc
[...]
40118e:       e8 6d fe ff ff          call   401000 <geteuid@plt>
401193:       85 c0                   test   eax,eax
401195:       0f 84 20 05 00 00       je     4016bb <dlerror@plt+0x57b>
[...]

Wow, in line 40118, the function geteuid is called. Obviously it sets the processor register eax to 0 if the user is root. Because in line 401193, eax is checked to be 0 or not. Line 401195 contains the command je, "jump if equal". So if eax is 0, the processor will continue at address
<dlerror@plt+0x57b>. There will be code to end the program I assume.
So let's replace line 401195 by some code that just does nothing. "Do nothing" in assembly is NOP, "no operation". In machine code it is 90h. That means if we replace the bytes in line 401195 by 90 90 90 90 90 90, it will no longer exit.

No problem, let's call this hex editor okteta using the command

okteta /usr/bin/vlc

and search for the bytes 0f8420:
The hex editor okteta showing /usr/bin/vlc
Now there is only one occurrence in the file. Replace it (and the following 3 bytes) by 90's:
Then click on File -> Save and the problem from the beginning will not bug you any longer.

See also

http://www.linuxintro.org/wiki/Run_vlc_as_root
By um
Labels: , ,

Keine Kommentare:

Kommentar veröffentlichen

Abonnieren Kommentare zum Post (Atom)

Raspberry Pi, test my internet connection

Since start of Corona times, I use my internet at home also for work. So its reliability and performance has become crucial. Performance see...

  • how to strace a process
    strace is a Linux command that can help you with error analysis. By default it will output every syscall a process does. This means it w...
  • A new look for linuxintro.org
    I have 20 years of experience with Linux in the job and wanted to give something back, so I founded linuxintro.org , a wiki where you can le...
  • run vlc as root
    The best video player in the world is VLC . But when I try to run it I get the following error message: VLC is not supposed to be run as r...