Do not set SHELL to utmp ever

SHELL must be set to the SHELL of the user, but it was possible set
it to utmp.
dev
Roberto E. Vargas Caballero 2014-10-15 19:42:20 +02:00
parent 86633ada91
commit f9fb620914
1 changed files with 11 additions and 9 deletions

20
st.c
View File

@ -1146,7 +1146,7 @@ die(const char *errstr, ...) {
void void
execsh(void) { execsh(void) {
char **args, *sh; char **args, *sh, *prog;
const struct passwd *pw; const struct passwd *pw;
char buf[sizeof(long) * 8 + 1]; char buf[sizeof(long) * 8 + 1];
@ -1158,13 +1158,15 @@ execsh(void) {
die("who are you?\n"); die("who are you?\n");
} }
if (utmp) sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
sh = utmp; if(opt_cmd)
else if (pw->pw_shell[0]) prog = opt_cmd[0];
sh = pw->pw_shell; else if(utmp)
prog = utmp;
else else
sh = shell; prog = sh;
args = (opt_cmd) ? opt_cmd : (char *[]){sh, NULL}; args = (opt_cmd) ? opt_cmd : (char *[]) {prog, NULL};
snprintf(buf, sizeof(buf), "%lu", xw.win); snprintf(buf, sizeof(buf), "%lu", xw.win);
unsetenv("COLUMNS"); unsetenv("COLUMNS");
@ -1172,7 +1174,7 @@ execsh(void) {
unsetenv("TERMCAP"); unsetenv("TERMCAP");
setenv("LOGNAME", pw->pw_name, 1); setenv("LOGNAME", pw->pw_name, 1);
setenv("USER", pw->pw_name, 1); setenv("USER", pw->pw_name, 1);
setenv("SHELL", args[0], 1); setenv("SHELL", sh, 1);
setenv("HOME", pw->pw_dir, 1); setenv("HOME", pw->pw_dir, 1);
setenv("TERM", termname, 1); setenv("TERM", termname, 1);
setenv("WINDOWID", buf, 1); setenv("WINDOWID", buf, 1);
@ -1184,7 +1186,7 @@ execsh(void) {
signal(SIGTERM, SIG_DFL); signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL); signal(SIGALRM, SIG_DFL);
execvp(args[0], args); execvp(prog, args);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }