snark/st
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Improve execsh() and don't allow anonymous shells

Browse source 
This patch improves the shell selection on execsh and forbid
shell with users don't registered in the passwd file.
This commit is contained in:
Roberto E. Vargas Caballero 2014-08-19 00:55:02 +02:00
parent 8342036f98
commit a3549c2eec
1 changed files with 17 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
st.c
View file

@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
void void
execsh(void) { execsh(void) {
char **args; char **args, *sh;
char *envshell = getenv("SHELL"); const struct passwd *pw;
const struct passwd *pass = getpwuid(getuid());
char buf[sizeof(long) * 8 + 1]; char buf[sizeof(long) * 8 + 1];
errno = 0;
if((pw = getpwuid(getuid())) == NULL) {
if(errno)
die("getpwuid:%s\n", strerror(errno));
else
die("who are you?\n");
}
unsetenv("COLUMNS"); unsetenv("COLUMNS");
unsetenv("LINES"); unsetenv("LINES");
unsetenv("TERMCAP"); unsetenv("TERMCAP");
if(pass) { sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
setenv("LOGNAME", pass->pw_name, 1);
setenv("USER", pass->pw_name, 1);
setenv("SHELL", pass->pw_shell, 0);
setenv("HOME", pass->pw_dir, 0);
}
snprintf(buf, sizeof(buf), "%lu", xw.win); snprintf(buf, sizeof(buf), "%lu", xw.win);
setenv("LOGNAME", pw->pw_name, 1);
setenv("USER", pw->pw_name, 1);
setenv("SHELL", sh, 1);
setenv("HOME", pw->pw_dir, 1);
setenv("TERM", termname, 1);
setenv("WINDOWID", buf, 1); setenv("WINDOWID", buf, 1);
signal(SIGCHLD, SIG_DFL); signal(SIGCHLD, SIG_DFL);
@ -1165,9 +1171,7 @@ execsh(void) {
signal(SIGTERM, SIG_DFL); signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL); signal(SIGALRM, SIG_DFL);
DEFAULT(envshell, shell); args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
setenv("TERM", termname, 1);
args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
execvp(args[0], args); execvp(args[0], args);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }