aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2011-03-06 18:49:40 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2011-03-06 18:49:40 +0100
commitbd74e3d8beb0fedc4c1fdd9469a9de3f1f04c7b5 (patch)
treef1bf618a965c8a3f01811715f4c9684bee767ad0
parent41478ade4f28cbacd954c9663d851c374d33f6b9 (diff)
downloadbusybox-bd74e3d8beb0fedc4c1fdd9469a9de3f1f04c7b5.tar.gz
libbb/login/su: do not sanitize shell name twice
function old new delta setup_environment 191 205 +14 login_main 1002 987 -15 su_main 474 458 -16 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/2 up/down: 14/-31) Total: -17 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--libbb/setup_environment.c3
-rw-r--r--loginutils/login.c8
-rw-r--r--loginutils/su.c10
3 files changed, 7 insertions, 14 deletions
diff --git a/libbb/setup_environment.c b/libbb/setup_environment.c
index a95fbc5bf..73229ca6c 100644
--- a/libbb/setup_environment.c
+++ b/libbb/setup_environment.c
@@ -32,6 +32,9 @@
void FAST_FUNC setup_environment(const char *shell, int flags, const struct passwd *pw)
{
+ if (!shell || !shell[0])
+ shell = DEFAULT_SHELL;
+
/* Change the current working directory to be the home directory
* of the user */
if (chdir(pw->pw_dir)) {
diff --git a/loginutils/login.c b/loginutils/login.c
index 952b3aadd..028a099b6 100644
--- a/loginutils/login.c
+++ b/loginutils/login.c
@@ -198,7 +198,6 @@ int login_main(int argc UNUSED_PARAM, char **argv)
};
char *fromhost;
char username[USERNAME_SIZE];
- const char *shell;
int run_by_root;
unsigned opt;
int count = 0;
@@ -391,10 +390,7 @@ int login_main(int argc UNUSED_PARAM, char **argv)
run_login_script(pw, full_tty);
change_identity(pw);
- shell = pw->pw_shell;
- if (!shell || !shell[0])
- shell = DEFAULT_SHELL;
- setup_environment(shell,
+ setup_environment(pw->pw_shell,
(!(opt & LOGIN_OPT_p) * SETUP_ENV_CLEARENV) + SETUP_ENV_CHANGEENV,
pw);
@@ -442,7 +438,7 @@ int login_main(int argc UNUSED_PARAM, char **argv)
signal(SIGINT, SIG_DFL);
/* Exec login shell with no additional parameters */
- run_shell(shell, 1, NULL, NULL);
+ run_shell(pw->pw_shell, 1, NULL, NULL);
/* return EXIT_FAILURE; - not reached */
}
diff --git a/loginutils/su.c b/loginutils/su.c
index db303af6d..72dd0f06f 100644
--- a/loginutils/su.c
+++ b/loginutils/su.c
@@ -114,20 +114,14 @@ int su_main(int argc UNUSED_PARAM, char **argv)
opt_shell = getenv("SHELL");
}
- /* Make sure pw->pw_shell is non-NULL. It may be NULL when NEW_USER
- * is a username that is retrieved via NIS (YP), that doesn't have
- * a default shell listed. */
- if (!pw->pw_shell || !pw->pw_shell[0])
- pw->pw_shell = (char *)DEFAULT_SHELL;
-
#if ENABLE_FEATURE_SU_CHECKS_SHELLS
- if (opt_shell && cur_uid != 0 && restricted_shell(pw->pw_shell)) {
+ if (opt_shell && cur_uid != 0 && pw->pw_shell && restricted_shell(pw->pw_shell)) {
/* The user being su'd to has a nonstandard shell, and so is
* probably a uucp account or has restricted access. Don't
* compromise the account by allowing access with a standard
* shell. */
bb_error_msg("using restricted shell");
- opt_shell = NULL;
+ opt_shell = NULL; /* ignore -s PROG */
}
/* else: user can run whatever he wants via "su -s PROG USER".
* This is safe since PROG is run under user's uid/gid. */