Improve execsh() and don't allow anonymous shells

This patch improves the shell selection in execsh and forbids
shells for users who are not registered in the passwd file.
master
Roberto E. Vargas Caballero 10 years ago
parent 8342036f98
commit a3549c2eec
  1. 30
      st.c

30
st.c

@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
void void
execsh(void) { execsh(void) {
char **args; char **args, *sh;
char *envshell = getenv("SHELL"); const struct passwd *pw;
const struct passwd *pass = getpwuid(getuid());
char buf[sizeof(long) * 8 + 1]; char buf[sizeof(long) * 8 + 1];
errno = 0;
if((pw = getpwuid(getuid())) == NULL) {
if(errno)
die("getpwuid:%s\n", strerror(errno));
else
die("who are you?\n");
}
unsetenv("COLUMNS"); unsetenv("COLUMNS");
unsetenv("LINES"); unsetenv("LINES");
unsetenv("TERMCAP"); unsetenv("TERMCAP");
if(pass) { sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
setenv("LOGNAME", pass->pw_name, 1);
setenv("USER", pass->pw_name, 1);
setenv("SHELL", pass->pw_shell, 0);
setenv("HOME", pass->pw_dir, 0);
}
snprintf(buf, sizeof(buf), "%lu", xw.win); snprintf(buf, sizeof(buf), "%lu", xw.win);
setenv("LOGNAME", pw->pw_name, 1);
setenv("USER", pw->pw_name, 1);
setenv("SHELL", sh, 1);
setenv("HOME", pw->pw_dir, 1);
setenv("TERM", termname, 1);
setenv("WINDOWID", buf, 1); setenv("WINDOWID", buf, 1);
signal(SIGCHLD, SIG_DFL); signal(SIGCHLD, SIG_DFL);
@ -1165,9 +1171,7 @@ execsh(void) {
signal(SIGTERM, SIG_DFL); signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL); signal(SIGALRM, SIG_DFL);
DEFAULT(envshell, shell); args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
setenv("TERM", termname, 1);
args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
execvp(args[0], args); execvp(args[0], args);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
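Review bot: The new `sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;` line drops the `$SHELL` lookup entirely, and `SHELL` and `HOME` are now set with overwrite flag 1 instead of 0, so values inherited from the caller's environment are silently replaced; neither the commit message nor the code says this is intended. A short comment above that line would make the precedence explicit, e.g. `/* shell: passwd entry first, then config 'shell'; $SHELL and $HOME from the environment are deliberately overridden */`. Separately, in the second hunk a failing `execvp(args[0], args)` still falls through to a bare `exit(EXIT_FAILURE)`, so a passwd shell that cannot be executed ends the child with no diagnostic. Something like `die("execvp %s: %s\n", args[0], strerror(errno));` would report it, assuming die() terminates the process as its use after the getpwuid() check suggests.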
