commit a3549c2eecf12b3453e6c86ba1721e7837f23746
parent 8342036f983288046e03a34055c10fc6b6b11017
Author: Roberto E. Vargas Caballero <k0ga@shike2.com>
Date: Tue, 19 Aug 2014 00:55:02 +0200
Improve execsh() and don't allow anonymous shells
This patch improves the shell selection on execsh and forbid
shell with users don't registered in the passwd file.
Diffstat:
M | st.c | | | 30 | +++++++++++++++++------------- |
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/st.c b/st.c
@@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
void
execsh(void) {
- char **args;
- char *envshell = getenv("SHELL");
- const struct passwd *pass = getpwuid(getuid());
+ char **args, *sh;
+ const struct passwd *pw;
char buf[sizeof(long) * 8 + 1];
+ errno = 0;
+ if((pw = getpwuid(getuid())) == NULL) {
+ if(errno)
+ die("getpwuid:%s\n", strerror(errno));
+ else
+ die("who are you?\n");
+ }
unsetenv("COLUMNS");
unsetenv("LINES");
unsetenv("TERMCAP");
- if(pass) {
- setenv("LOGNAME", pass->pw_name, 1);
- setenv("USER", pass->pw_name, 1);
- setenv("SHELL", pass->pw_shell, 0);
- setenv("HOME", pass->pw_dir, 0);
- }
-
+ sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
snprintf(buf, sizeof(buf), "%lu", xw.win);
+
+ setenv("LOGNAME", pw->pw_name, 1);
+ setenv("USER", pw->pw_name, 1);
+ setenv("SHELL", sh, 1);
+ setenv("HOME", pw->pw_dir, 1);
+ setenv("TERM", termname, 1);
setenv("WINDOWID", buf, 1);
signal(SIGCHLD, SIG_DFL);
@@ -1165,9 +1171,7 @@ execsh(void) {
signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL);
- DEFAULT(envshell, shell);
- setenv("TERM", termname, 1);
- args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
+ args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
execvp(args[0], args);
exit(EXIT_FAILURE);
}