From 9e894f7bbd3f1a8e871279b1c4c1d2a679313642 Mon Sep 17 00:00:00 2001 From: okan Date: Tue, 25 Aug 2009 02:02:59 +0000 Subject: we are not doing access control here, so replace the "check if file is executable" goo with access(2). originally from jacekm@ long time ago. "i can live with that" oga@ --- kbfunc.c | 41 ++++++----------------------------------- 1 file changed, 6 insertions(+), 35 deletions(-) (limited to 'kbfunc.c') diff --git a/kbfunc.c b/kbfunc.c index a276406..769491e 100644 --- a/kbfunc.c +++ b/kbfunc.c @@ -15,7 +15,7 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * - * $Id: kbfunc.c,v 1.41 2009/08/24 23:54:41 oga Exp $ + * $Id: kbfunc.c,v 1.42 2009/08/25 02:02:59 okan Exp $ */ #include @@ -228,14 +228,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) #define NPATHS 256 char **ap, *paths[NPATHS], *path, *pathcpy, *label; char tpath[MAXPATHLEN]; - int l, i, j, ngroups; - gid_t mygroups[NGROUPS_MAX]; - uid_t ruid, euid, suid; + int l, i; DIR *dirp; struct dirent *dp; struct menu *mi; struct menu_q menuq; - struct stat sb; int cmd = arg->i; switch (cmd) { @@ -250,11 +247,6 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) /*NOTREACHED*/ } - if (getgroups(0, mygroups) == -1) - err(1, "getgroups failure"); - if ((ngroups = getresuid(&ruid, &euid, &suid)) == -1) - err(1, "getresuid failure"); - TAILQ_INIT(&menuq); if ((path = getenv("PATH")) == NULL) @@ -281,32 +273,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) /* check for truncation etc */ if (l == -1 || l >= (int)sizeof(tpath)) continue; - /* just ignore on stat failure */ - if (stat(tpath, &sb) == -1) - continue; - /* may we execute this file? */ - if (euid == sb.st_uid) { - if (sb.st_mode & S_IXUSR) - goto executable; - else - continue; + if (access(tpath, X_OK) == 0) { + mi = xcalloc(1, sizeof(*mi)); + strlcpy(mi->text, dp->d_name, sizeof(mi->text)); + TAILQ_INSERT_TAIL(&menuq, mi, entry); } - for (j = 0; j < ngroups; j++) { - if (mygroups[j] == sb.st_gid) { - if (sb.st_mode & S_IXGRP) - goto executable; - else - continue; - } - } - if (sb.st_mode & S_IXOTH) - goto executable; - continue; - executable: - /* the thing in tpath, we may execute */ - mi = xcalloc(1, sizeof(*mi)); - strlcpy(mi->text, dp->d_name, sizeof(mi->text)); - TAILQ_INSERT_TAIL(&menuq, mi, entry); } (void)closedir(dirp); } -- cgit v1.2.3-2-gb3c3