Improve execsh() and don't allow anonymous shells

This patch improves the shell selection in execsh() and forbids
starting a shell for users who are not registered in the passwd file.
Roberto E. Vargas Caballero 2014-08-19 00:55:02 +02:00
parent 8342036f98
commit a3549c2eec
1 changed files with 17 additions and 13 deletions

30
st.c

@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
void void
execsh(void) { execsh(void) {
char **args; char **args, *sh;
char *envshell = getenv("SHELL"); const struct passwd *pw;
const struct passwd *pass = getpwuid(getuid());
char buf[sizeof(long) * 8 + 1]; char buf[sizeof(long) * 8 + 1];
errno = 0;
if((pw = getpwuid(getuid())) == NULL) {
if(errno)
die("getpwuid:%s\n", strerror(errno));
else
die("who are you?\n");
}
unsetenv("COLUMNS"); unsetenv("COLUMNS");
unsetenv("LINES"); unsetenv("LINES");
unsetenv("TERMCAP"); unsetenv("TERMCAP");
if(pass) { sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
setenv("LOGNAME", pass->pw_name, 1);
setenv("USER", pass->pw_name, 1);
setenv("SHELL", pass->pw_shell, 0);
setenv("HOME", pass->pw_dir, 0);
}
snprintf(buf, sizeof(buf), "%lu", xw.win); snprintf(buf, sizeof(buf), "%lu", xw.win);
setenv("LOGNAME", pw->pw_name, 1);
setenv("USER", pw->pw_name, 1);
setenv("SHELL", sh, 1);
setenv("HOME", pw->pw_dir, 1);
setenv("TERM", termname, 1);
setenv("WINDOWID", buf, 1); setenv("WINDOWID", buf, 1);
signal(SIGCHLD, SIG_DFL); signal(SIGCHLD, SIG_DFL);
@ -1165,9 +1171,7 @@ execsh(void) {
signal(SIGTERM, SIG_DFL); signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL); signal(SIGALRM, SIG_DFL);
DEFAULT(envshell, shell); args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
setenv("TERM", termname, 1);
args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
execvp(args[0], args); execvp(args[0], args);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
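Review bot: The new `sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;` line, together with the `SHELL` and `HOME` `setenv` calls now passing `1`, makes the passwd entry authoritative and discards any `$SHELL` or `$HOME` the caller exported. The old side, as rendered here, read `getenv("SHELL")` and passed `0` as the overwrite flag, and neither the description nor the code says the change is intended. A comment above the assignment such as `/* passwd entry is authoritative: $SHELL and $HOME inherited from the caller are deliberately overwritten */` would record the decision. Because the only check on `pw_shell` is that it is non-empty, a stale or non-executable path reaches `execvp` in the second hunk, where failure ends in a silent `exit(EXIT_FAILURE)`; `die("execvp %s: %s\n", args[0], strerror(errno));` would make that case diagnosable. `sh` also points into the storage returned by `getpwuid`, so it is only valid as long as no other getpw* call happens before `execvp`.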