[hackers] [st] Improve execsh() and don't allow anonymous shells || Roberto E. Vargas Caballero

From: <git_AT_suckless.org>
Date: Wed, 20 Aug 2014 09:05:40 +0200

commit a3549c2eecf12b3453e6c86ba1721e7837f23746
Author: Roberto E. Vargas Caballero <k0ga_AT_shike2.com>
Date: Tue Aug 19 00:55:02 2014 +0200

    Improve execsh() and don't allow anonymous shells
    
    This patch improves the shell selection on execsh and forbid
    shell with users don't registered in the passwd file.

diff --git a/st.c b/st.c
index 1c998ec..009388c 100644
--- a/st.c
+++ b/st.c
_AT_@ -1139,23 +1139,29 @@ die(const char *errstr, ...) {
 
 void
 execsh(void) {
- char **args;
- char *envshell = getenv("SHELL");
- const struct passwd *pass = getpwuid(getuid());
+ char **args, *sh;
+ const struct passwd *pw;
         char buf[sizeof(long) * 8 + 1];
 
+ errno = 0;
+ if((pw = getpwuid(getuid())) == NULL) {
+ if(errno)
+ die("getpwuid:%s
", strerror(errno));
+ else
+ die("who are you?
");
+ }
         unsetenv("COLUMNS");
         unsetenv("LINES");
         unsetenv("TERMCAP");
 
- if(pass) {
- setenv("LOGNAME", pass->pw_name, 1);
- setenv("USER", pass->pw_name, 1);
- setenv("SHELL", pass->pw_shell, 0);
- setenv("HOME", pass->pw_dir, 0);
- }
-
+ sh = (pw->pw_shell[0]) ? pw->pw_shell : shell;
         snprintf(buf, sizeof(buf), "%lu", xw.win);
+
+ setenv("LOGNAME", pw->pw_name, 1);
+ setenv("USER", pw->pw_name, 1);
+ setenv("SHELL", sh, 1);
+ setenv("HOME", pw->pw_dir, 1);
+ setenv("TERM", termname, 1);
         setenv("WINDOWID", buf, 1);
 
         signal(SIGCHLD, SIG_DFL);
_AT_@ -1165,9 +1171,7 @@ execsh(void) {
         signal(SIGTERM, SIG_DFL);
         signal(SIGALRM, SIG_DFL);
 
- DEFAULT(envshell, shell);
- setenv("TERM", termname, 1);
- args = opt_cmd ? opt_cmd : (char *[]){envshell, "-i", NULL};
+ args = opt_cmd ? opt_cmd : (char *[]){sh, "-i", NULL};
         execvp(args[0], args);
         exit(EXIT_FAILURE);
 }
Received on Wed Aug 20 2014 - 09:05:40 CEST