JehanneOS/mksh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

make setuid/setgid scripts and access() work again

Browse Source 
by reverting some OpenBSD and applying some Debian diff
This commit is contained in:
tg 2005-05-25 13:46:02 +00:00
parent 1c49eb97a5
commit d7c3f0a066
6 changed files with 51 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
exec.c
View File

@ -1,11 +1,11 @@
/** $MirOS: src/bin/mksh/exec.c,v 1.3 2005/05/25 11:31:15 tg Exp $ */
/** $MirOS: src/bin/mksh/exec.c,v 1.4 2005/05/25 13:45:59 tg Exp $ */
/* $OpenBSD: exec.c,v 1.41 2005/03/30 17:16:37 deraadt Exp $ */
#include "sh.h"
#include <sys/stat.h>
#include <ctype.h>
__RCSID("$MirOS: src/bin/mksh/exec.c,v 1.3 2005/05/25 11:31:15 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/exec.c,v 1.4 2005/05/25 13:45:59 tg Exp $");
static int comexec(struct op *, struct tbl *volatile, char **,
int volatile);
@ -856,7 +856,7 @@ findcom(const char *name, int flags)
tp = tbi;
if (!tp && (flags & FC_PATH) && !(flags & FC_DEFPATH)) {
tp = tsearch(&taliases, name, h);
if (tp && (tp->flag & ISSET) && access(tp->val.s, X_OK) != 0) {
if (tp && (tp->flag & ISSET) && eaccess(tp->val.s, X_OK) != 0) {
if (tp->flag & ALLOC) {
tp->flag &= ~ALLOC;
afree(tp->val.s, APERM);
@ -930,7 +930,7 @@ search_access(const char *lpath, int mode,
if (stat(lpath, &statb) < 0)
return -1;
ret = access(lpath, mode);
ret = eaccess(lpath, mode);
if (ret < 0)
err = errno; /* File exists, but we can't access it */
else if (mode == X_OK && (!S_ISREG(statb.st_mode) ||

8
funcs.c
View File

@ -1,4 +1,4 @@
/** $MirOS: src/bin/mksh/funcs.c,v 1.7 2005/05/25 09:39:49 tg Exp $ */
/** $MirOS: src/bin/mksh/funcs.c,v 1.8 2005/05/25 13:46:00 tg Exp $ */
/* $OpenBSD: c_ksh.c,v 1.27 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: c_sh.c,v 1.29 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: c_test.c,v 1.17 2005/03/30 17:16:37 deraadt Exp $ */
@ -13,7 +13,7 @@
#include <ulimit.h>
#endif
__RCSID("$MirOS: src/bin/mksh/funcs.c,v 1.7 2005/05/25 09:39:49 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/funcs.c,v 1.8 2005/05/25 13:46:00 tg Exp $");
int
c_cd(char **wp)
@ -184,7 +184,7 @@ c_pwd(char **wp)
}
p = current_wd[0] ? (physical ? get_phys_path(current_wd) : current_wd) :
NULL;
if (p && access(p, R_OK) < 0)
if (p && eaccess(p, R_OK) < 0)
p = NULL;
if (!p) {
p = ksh_get_wd(NULL, 0);
@ -2627,7 +2627,7 @@ test_eaccess(const char *pathl, int mode)
}
#endif /* !HAVE_DEV_FD */
res = access(pathl, mode);
res = eaccess(pathl, mode);
/*
* On most (all?) unixes, access() says everything is executable for
* root - avoid this on files by using stat().

10
main.c
View File

@ -1,4 +1,4 @@
/** $MirOS: src/bin/mksh/main.c,v 1.5 2005/05/25 11:37:23 tg Exp $ */
/** $MirOS: src/bin/mksh/main.c,v 1.6 2005/05/25 13:46:01 tg Exp $ */
/* $OpenBSD: main.c,v 1.38 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: tty.c,v 1.8 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: io.c,v 1.21 2005/03/30 17:16:37 deraadt Exp $ */
@ -10,7 +10,7 @@
#include <ctype.h>
#include <pwd.h>
__RCSID("$MirOS: src/bin/mksh/main.c,v 1.5 2005/05/25 11:37:23 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/main.c,v 1.6 2005/05/25 13:46:01 tg Exp $");
extern char **environ;
@ -217,6 +217,10 @@ main(int argc, char *argv[])
}
ksheuid = geteuid();
kshuid = getuid();
kshegid = getegid();
kshgid = getgid();
safe_prompt = ksheuid ? "$ " : "# ";
{
struct tbl *vp = global("PS1");
@ -231,7 +235,7 @@ main(int argc, char *argv[])
}
/* Set this before parsing arguments */
Flag(FPRIVILEGED) = getuid() != ksheuid || getgid() != getegid();
Flag(FPRIVILEGED) = kshuid != ksheuid || kshgid != kshegid;
/* this to note if monitor is set on command line (see below) */
Flag(FMONITOR) = 127;

10
misc.c
View File

@ -1,4 +1,4 @@
/** $MirOS: src/bin/mksh/misc.c,v 1.3 2005/05/23 15:54:31 tg Exp $ */
/** $MirOS: src/bin/mksh/misc.c,v 1.4 2005/05/25 13:46:01 tg Exp $ */
/* $OpenBSD: misc.c,v 1.28 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: path.c,v 1.12 2005/03/30 17:16:37 deraadt Exp $ */
@ -7,7 +7,7 @@
#include <sys/param.h> /* for MAXPATHLEN */
#include <sys/stat.h>
__RCSID("$MirOS: src/bin/mksh/misc.c,v 1.3 2005/05/23 15:54:31 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/misc.c,v 1.4 2005/05/25 13:46:01 tg Exp $");
short chtypes[UCHAR_MAX+1]; /* type bits for unsigned char */
@ -264,10 +264,10 @@ change_flag(enum sh_flag f,
}
} else if (f == FPRIVILEGED && oldval && !newval) {
/* Turning off -p? */
seteuid(ksheuid = getuid());
seteuid(ksheuid = kshuid = getuid());
setuid(ksheuid);
setegid(getgid());
setgid(getgid());
setegid(kshegid = kshgid = getgid());
setgid(kshegid);
} else if (f == FPOSIX && newval) {
Flag(FBRACEEXPAND) = 0;
}

6
sh.h
View File

@ -1,4 +1,4 @@
/** $MirOS: src/bin/mksh/sh.h,v 1.6 2005/05/23 16:23:19 tg Exp $ */
/** $MirOS: src/bin/mksh/sh.h,v 1.7 2005/05/25 13:46:01 tg Exp $ */
/* $OpenBSD: sh.h,v 1.27 2005/03/28 21:33:04 deraadt Exp $ */
/* $OpenBSD: shf.h,v 1.5 2005/03/30 17:16:37 deraadt Exp $ */
/* $OpenBSD: table.h,v 1.6 2004/12/18 20:55:52 millert Exp $ */
@ -112,6 +112,9 @@ EXTERN char * kshname; /* $0 */
EXTERN pid_t kshpid; /* $$, shell pid */
EXTERN pid_t procpid; /* pid of executing process */
EXTERN uid_t ksheuid; /* effective uid of shell */
EXTERN uid_t kshuid; /* real uid of shell */
EXTERN gid_t kshegid; /* effective gid of shell */
EXTERN gid_t kshgid; /* real gid of shell */
EXTERN int exstat; /* exit status */
EXTERN int subst_exstat; /* exit status of last $(..)/`..` */
EXTERN const char *safe_prompt; /* safe prompt if PS1 substitution fails */
@ -1239,6 +1242,7 @@ void change_random(void);
int array_ref_len(const char *);
char * arrayname(const char *);
void set_array(const char *, int, char **);
int eaccess(const char *, int);
enum Test_op {
TO_NONOP = 0, /* non-operator */

29
var.c
View File

@ -1,4 +1,4 @@
/** $MirOS: src/bin/mksh/var.c,v 1.3 2005/05/23 15:36:56 tg Exp $ */
/** $MirOS: src/bin/mksh/var.c,v 1.4 2005/05/25 13:46:02 tg Exp $ */
/* $OpenBSD: var.c,v 1.26 2005/03/30 17:16:37 deraadt Exp $ */
#include "sh.h"
@ -6,7 +6,7 @@
#include <ctype.h>
#include <time.h>
__RCSID("$MirOS: src/bin/mksh/var.c,v 1.3 2005/05/23 15:36:56 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/var.c,v 1.4 2005/05/25 13:46:02 tg Exp $");
/*
* Variables
@ -981,7 +981,7 @@ setspec(struct tbl *vp)
struct stat statb;
s = str_val(vp);
if (s[0] == '/' && access(s, W_OK|X_OK) == 0 &&
if (s[0] == '/' && eaccess(s, W_OK|X_OK) == 0 &&
stat(s, &statb) == 0 && S_ISDIR(statb.st_mode))
tmpdir = str_save(s, APERM);
}
@ -1179,3 +1179,26 @@ set_array(const char *var, int reset, char **vals)
setstr(vq, vals[i], KSH_RETURN_ERROR);
}
}
int
eaccess(const char *pathname, int mode)
{
bool need_uid, need_gid;
int rv, _errno;
if ((need_gid = (kshgid != kshegid)))
setregid(kshegid, kshgid);
if ((need_uid = (kshuid != ksheuid)))
setreuid(ksheuid, kshuid);
rv = access(pathname, mode);
_errno = errno;
if (need_gid)
setregid(kshgid, kshegid);
if (need_uid)
setreuid(kshuid, ksheuid);
errno = _errno;
return (rv);
}