Improve execsh() and don't allow anonymous shells
This patch improves the shell selection on execsh and forbid shell with users don't registered in the passwd file.dev
parent
8342036f98
commit
a3549c2eec
30
st.c
30
st.c
|
@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
|
||||||
|
|
||||||
void
|
void
|
||||||
execsh(void) {
|
execsh(void) {
|
||||||
char **args;
|
char **args, *sh;
|
||||||
char *envshell = getenv("SHELL");
|
const struct passwd *pw;
|
||||||
const struct passwd *pass = getpwuid(getuid());
|
|
||||||
char buf[sizeof(long) * 8 + 1];
|
char buf[sizeof(long) * 8 + 1];
|
||||||
|
|
||||||
|
errno = 0;
|
||||||
|
if((pw = getpwuid(getuid())) == NULL) {
|
||||||
|
if(errno)
|
||||||
|
die("getpwuid:%s\n", strerror(errno));
|
||||||
|
else
|
||||||
|
die("who are you?\n");
|
||||||
|
}
|
||||||
unsetenv("COLUMNS");
|
unsetenv("COLUMNS");
|
||||||
unsetenv("LINES");
|
unsetenv("LINES");
|
||||||
unsetenv("TERMCAP");
|
unsetenv("TERMCAP");
|
||||||
|
|
||||||
if(pass) {
|
sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
|
||||||
setenv("LOGNAME", pass->pw_name, 1);
|
|
||||||
setenv("USER", pass->pw_name, 1);
|
|
||||||
setenv("SHELL", pass->pw_shell, 0);
|
|
||||||
setenv("HOME", pass->pw_dir, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
snprintf(buf, sizeof(buf), "%lu", xw.win);
|
snprintf(buf, sizeof(buf), "%lu", xw.win);
|
||||||
|
|
||||||
|
setenv("LOGNAME", pw->pw_name, 1);
|
||||||
|
setenv("USER", pw->pw_name, 1);
|
||||||
|
setenv("SHELL", sh, 1);
|
||||||
|
setenv("HOME", pw->pw_dir, 1);
|
||||||
|
setenv("TERM", termname, 1);
|
||||||
setenv("WINDOWID", buf, 1);
|
setenv("WINDOWID", buf, 1);
|
||||||
|
|
||||||
signal(SIGCHLD, SIG_DFL);
|
signal(SIGCHLD, SIG_DFL);
|
||||||
|
@ -1165,9 +1171,7 @@ execsh(void) {
|
||||||
signal(SIGTERM, SIG_DFL);
|
signal(SIGTERM, SIG_DFL);
|
||||||
signal(SIGALRM, SIG_DFL);
|
signal(SIGALRM, SIG_DFL);
|
||||||
|
|
||||||
DEFAULT(envshell, shell);
|
args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
|
||||||
setenv("TERM", termname, 1);
|
|
||||||
args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
|
|
||||||
execvp(args[0], args);
|
execvp(args[0], args);
|
||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue