diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2011-03-06 18:49:40 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2011-03-06 18:49:40 +0100 |
commit | bd74e3d8beb0fedc4c1fdd9469a9de3f1f04c7b5 (patch) | |
tree | f1bf618a965c8a3f01811715f4c9684bee767ad0 | |
parent | 41478ade4f28cbacd954c9663d851c374d33f6b9 (diff) |
libbb/login/su: do not sanitize shell name twice
function old new delta
setup_environment 191 205 +14
login_main 1002 987 -15
su_main 474 458 -16
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/2 up/down: 14/-31) Total: -17 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | libbb/setup_environment.c | 3 | ||||
-rw-r--r-- | loginutils/login.c | 8 | ||||
-rw-r--r-- | loginutils/su.c | 10 |
3 files changed, 7 insertions, 14 deletions
diff --git a/libbb/setup_environment.c b/libbb/setup_environment.c index a95fbc5bf..73229ca6c 100644 --- a/libbb/setup_environment.c +++ b/libbb/setup_environment.c @@ -32,6 +32,9 @@ void FAST_FUNC setup_environment(const char *shell, int flags, const struct passwd *pw) { + if (!shell || !shell[0]) + shell = DEFAULT_SHELL; + /* Change the current working directory to be the home directory * of the user */ if (chdir(pw->pw_dir)) { diff --git a/loginutils/login.c b/loginutils/login.c index 952b3aadd..028a099b6 100644 --- a/loginutils/login.c +++ b/loginutils/login.c @@ -198,7 +198,6 @@ int login_main(int argc UNUSED_PARAM, char **argv) }; char *fromhost; char username[USERNAME_SIZE]; - const char *shell; int run_by_root; unsigned opt; int count = 0; @@ -391,10 +390,7 @@ int login_main(int argc UNUSED_PARAM, char **argv) run_login_script(pw, full_tty); change_identity(pw); - shell = pw->pw_shell; - if (!shell || !shell[0]) - shell = DEFAULT_SHELL; - setup_environment(shell, + setup_environment(pw->pw_shell, (!(opt & LOGIN_OPT_p) * SETUP_ENV_CLEARENV) + SETUP_ENV_CHANGEENV, pw); @@ -442,7 +438,7 @@ int login_main(int argc UNUSED_PARAM, char **argv) signal(SIGINT, SIG_DFL); /* Exec login shell with no additional parameters */ - run_shell(shell, 1, NULL, NULL); + run_shell(pw->pw_shell, 1, NULL, NULL); /* return EXIT_FAILURE; - not reached */ } diff --git a/loginutils/su.c b/loginutils/su.c index db303af6d..72dd0f06f 100644 --- a/loginutils/su.c +++ b/loginutils/su.c @@ -114,20 +114,14 @@ int su_main(int argc UNUSED_PARAM, char **argv) opt_shell = getenv("SHELL"); } - /* Make sure pw->pw_shell is non-NULL. It may be NULL when NEW_USER - * is a username that is retrieved via NIS (YP), that doesn't have - * a default shell listed. */ - if (!pw->pw_shell || !pw->pw_shell[0]) - pw->pw_shell = (char *)DEFAULT_SHELL; - #if ENABLE_FEATURE_SU_CHECKS_SHELLS - if (opt_shell && cur_uid != 0 && restricted_shell(pw->pw_shell)) { + if (opt_shell && cur_uid != 0 && pw->pw_shell && restricted_shell(pw->pw_shell)) { /* The user being su'd to has a nonstandard shell, and so is * probably a uucp account or has restricted access. Don't * compromise the account by allowing access with a standard * shell. */ bb_error_msg("using restricted shell"); - opt_shell = NULL; + opt_shell = NULL; /* ignore -s PROG */ } /* else: user can run whatever he wants via "su -s PROG USER". * This is safe since PROG is run under user's uid/gid. */ |