tImprove execsh() and don't allow anonymous shells - st - [fork] customized bui… | |
git clone git://src.adamsgaard.dk/st | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit a3549c2eecf12b3453e6c86ba1721e7837f23746 | |
parent 8342036f983288046e03a34055c10fc6b6b11017 | |
Author: Roberto E. Vargas Caballero <[email protected]> | |
Date: Tue, 19 Aug 2014 00:55:02 +0200 | |
Improve execsh() and don't allow anonymous shells | |
This patch improves the shell selection on execsh and forbid | |
shell with users don't registered in the passwd file. | |
Diffstat: | |
M st.c | 30 +++++++++++++++++------------- | |
1 file changed, 17 insertions(+), 13 deletions(-) | |
--- | |
diff --git a/st.c b/st.c | |
t@@ -1139,23 +1139,29 @@ die(const char *errstr, ...) { | |
void | |
execsh(void) { | |
- char **args; | |
- char *envshell = getenv("SHELL"); | |
- const struct passwd *pass = getpwuid(getuid()); | |
+ char **args, *sh; | |
+ const struct passwd *pw; | |
char buf[sizeof(long) * 8 + 1]; | |
+ errno = 0; | |
+ if((pw = getpwuid(getuid())) == NULL) { | |
+ if(errno) | |
+ die("getpwuid:%s\n", strerror(errno)); | |
+ else | |
+ die("who are you?\n"); | |
+ } | |
unsetenv("COLUMNS"); | |
unsetenv("LINES"); | |
unsetenv("TERMCAP"); | |
- if(pass) { | |
- setenv("LOGNAME", pass->pw_name, 1); | |
- setenv("USER", pass->pw_name, 1); | |
- setenv("SHELL", pass->pw_shell, 0); | |
- setenv("HOME", pass->pw_dir, 0); | |
- } | |
- | |
+ sh = (pw->pw_shell[0]) ? pw->pw_shell : shell; | |
snprintf(buf, sizeof(buf), "%lu", xw.win); | |
+ | |
+ setenv("LOGNAME", pw->pw_name, 1); | |
+ setenv("USER", pw->pw_name, 1); | |
+ setenv("SHELL", sh, 1); | |
+ setenv("HOME", pw->pw_dir, 1); | |
+ setenv("TERM", termname, 1); | |
setenv("WINDOWID", buf, 1); | |
signal(SIGCHLD, SIG_DFL); | |
t@@ -1165,9 +1171,7 @@ execsh(void) { | |
signal(SIGTERM, SIG_DFL); | |
signal(SIGALRM, SIG_DFL); | |
- DEFAULT(envshell, shell); | |
- setenv("TERM", termname, 1); | |
- args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL}; | |
+ args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL}; | |
execvp(args[0], args); | |
exit(EXIT_FAILURE); | |
} |