diff options
author | Roberto E. Vargas Caballero | 2014-08-19 00:55:02 +0200 |
---|---|---|
committer | Roberto E. Vargas Caballero | 2014-08-20 09:03:44 +0200 |
commit | a3549c2eecf12b3453e6c86ba1721e7837f23746 (patch) | |
tree | a32736e55e1b1150000e66bb0a33ef3cad3733d4 | |
parent | 8342036f983288046e03a34055c10fc6b6b11017 (diff) | |
download | st-a3549c2eecf12b3453e6c86ba1721e7837f23746.tar.gz st-a3549c2eecf12b3453e6c86ba1721e7837f23746.tar.xz st-a3549c2eecf12b3453e6c86ba1721e7837f23746.zip |
Improve execsh() and don't allow anonymous shells
This patch improves the shell selection on execsh and forbid
shell with users don't registered in the passwd file.
-rw-r--r-- | st.c | 30 |
1 files changed, 17 insertions, 13 deletions
@@ -1139,23 +1139,29 @@ die(const char *errstr, ...) { void execsh(void) { - char **args; - char *envshell = getenv("SHELL"); - const struct passwd *pass = getpwuid(getuid()); + char **args, *sh; + const struct passwd *pw; char buf[sizeof(long) * 8 + 1]; + errno = 0; + if((pw = getpwuid(getuid())) == NULL) { + if(errno) + die("getpwuid:%s\n", strerror(errno)); + else + die("who are you?\n"); + } unsetenv("COLUMNS"); unsetenv("LINES"); unsetenv("TERMCAP"); - if(pass) { - setenv("LOGNAME", pass->pw_name, 1); - setenv("USER", pass->pw_name, 1); - setenv("SHELL", pass->pw_shell, 0); - setenv("HOME", pass->pw_dir, 0); - } - + sh = (pw->pw_shell[0]) ? pw->pw_shell : shell; snprintf(buf, sizeof(buf), "%lu", xw.win); + + setenv("LOGNAME", pw->pw_name, 1); + setenv("USER", pw->pw_name, 1); + setenv("SHELL", sh, 1); + setenv("HOME", pw->pw_dir, 1); + setenv("TERM", termname, 1); setenv("WINDOWID", buf, 1); signal(SIGCHLD, SIG_DFL); @@ -1165,9 +1171,7 @@ execsh(void) { signal(SIGTERM, SIG_DFL); signal(SIGALRM, SIG_DFL); - DEFAULT(envshell, shell); - setenv("TERM", termname, 1); - args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL}; + args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL}; execvp(args[0], args); exit(EXIT_FAILURE); } |