we are not doing access control here, so replace the "check if file is

executable" goo with access(2). originally from jacekm@ long time ago. "i can live with that" oga@
author: okan 2009-08-25 02:02:59 +0000
committer: okan 2009-08-25 02:02:59 +0000
commit: 9e894f7bbd3f1a8e871279b1c4c1d2a679313642 (patch)
tree: a58a659eec6a913b67d4b243a7fffe23f32ff6b5 /kbfunc.c
parent: 8b32931fdf4f29f82f83f433e0f1efe141c3d57b (diff)
download: cwm-9e894f7bbd3f1a8e871279b1c4c1d2a679313642.tar.gz
1 files changed, 6 insertions, 35 deletions
diff --git a/kbfunc.c b/kbfunc.c
index a276406..769491e 100644
--- a/kbfunc.c
+++ b/kbfunc.c
@@ -15,7 +15,7 @@
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  *
- * $Id: kbfunc.c,v 1.41 2009/08/24 23:54:41 oga Exp $
+ * $Id: kbfunc.c,v 1.42 2009/08/25 02:02:59 okan Exp $
  */
 
 #include <paths.h>
@@ -228,14 +228,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
 #define NPATHS 256
 	char		**ap, *paths[NPATHS], *path, *pathcpy, *label;
 	char		 tpath[MAXPATHLEN];
-	int		 l, i, j, ngroups;
-	gid_t		 mygroups[NGROUPS_MAX];
-	uid_t		 ruid, euid, suid;
+	int		 l, i;
 	DIR		*dirp;
 	struct dirent	*dp;
 	struct menu	*mi;
 	struct menu_q	 menuq;
-	struct stat	 sb;
 
 	int cmd = arg->i;
 	switch (cmd) {
@@ -250,11 +247,6 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
 			/*NOTREACHED*/
 	}
 
-	if (getgroups(0, mygroups) == -1)
-		err(1, "getgroups failure");
-	if ((ngroups = getresuid(&ruid, &euid, &suid)) == -1)
-		err(1, "getresuid failure");
-
 	TAILQ_INIT(&menuq);
 
 	if ((path = getenv("PATH")) == NULL)
@@ -281,32 +273,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
 			/* check for truncation etc */
 			if (l == -1 || l >= (int)sizeof(tpath))
 				continue;
-			/* just ignore on stat failure */
-			if (stat(tpath, &sb) == -1)
-				continue;
-			/* may we execute this file? */
-			if (euid == sb.st_uid) {
-					if (sb.st_mode & S_IXUSR)
-						goto executable;
-					else
-						continue;
+			if (access(tpath, X_OK) == 0) {
+				mi = xcalloc(1, sizeof(*mi));
+				strlcpy(mi->text, dp->d_name, sizeof(mi->text));
+				TAILQ_INSERT_TAIL(&menuq, mi, entry);
 			}
-			for (j = 0; j < ngroups; j++) {
-				if (mygroups[j] == sb.st_gid) {
-					if (sb.st_mode & S_IXGRP)
-						goto executable;
-					else
-						continue;
-				}
-			}
-			if (sb.st_mode & S_IXOTH)
-				goto executable;
-			continue;
-		executable:
-			/* the thing in tpath, we may execute */
-			mi = xcalloc(1, sizeof(*mi));
-			strlcpy(mi->text, dp->d_name, sizeof(mi->text));
-			TAILQ_INSERT_TAIL(&menuq, mi, entry);
 		}
 		(void)closedir(dirp);
 	}
author	okan	2009-08-25 02:02:59 +0000
committer	okan	2009-08-25 02:02:59 +0000
commit	9e894f7bbd3f1a8e871279b1c4c1d2a679313642 (patch)
tree	a58a659eec6a913b67d4b243a7fffe23f32ff6b5 /kbfunc.c
parent	8b32931fdf4f29f82f83f433e0f1efe141c3d57b (diff)
download	cwm-9e894f7bbd3f1a8e871279b1c4c1d2a679313642.tar.gz