Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Use user shell instead of /bin/sh

  • Loading branch information...
commit d0e5839df8ca1049005c8b2faa9419656c0e4316 1 parent 872968b
Dmitriy Kalinin and Pieter Noordhuis authored
Showing with 32 additions and 36 deletions.
  1. +5 −15 warden/src/wsh/msg.c
  2. +3 −1 warden/src/wsh/msg.h
  3. +24 −20 warden/src/wsh/wshd.c
View
20 warden/src/wsh/msg.c
@@ -137,29 +137,19 @@ int msg_user_import(msg__user_t *u, const char *name) {
return 0;
}
-int msg_user_export(msg__user_t *u) {
- struct passwd *pw;
- int rv;
-
- if (strlen(u->name) == 0) {
- return 0;
- }
+int msg_user_export(msg__user_t *u, struct passwd *pw) {
+ ((void) u);
- pw = getpwnam(u->name);
- if (pw == NULL) {
- return -1;
- }
+ int rv;
rv = setgid(pw->pw_gid);
if (rv == -1) {
- perror("setgid");
- abort();
+ return rv;
}
rv = setuid(pw->pw_uid);
if (rv == -1) {
- perror("setuid");
- abort();
+ return rv;
}
return 0;
View
4 warden/src/wsh/msg.h
@@ -7,6 +7,8 @@
#include <sys/time.h>
#include <sys/resource.h>
+#include "pwd.h"
+
typedef struct msg__array_s msg__array_t;
typedef struct msg__rlimit_s msg__rlimit_t;
typedef struct msg__user_s msg__user_t;
@@ -49,7 +51,7 @@ int msg_rlimit_import(msg__rlimit_t *);
int msg_rlimit_export(msg__rlimit_t *);
int msg_user_import(msg__user_t *u, const char *name);
-int msg_user_export(msg__user_t *u);
+int msg_user_export(msg__user_t *u, struct passwd *pw);
void msg_request_init(msg_request_t *req);
void msg_response_init(msg_response_t *res);
View
44 warden/src/wsh/wshd.c
@@ -233,23 +233,10 @@ char **env__add(char **envp, const char *key, const char *value) {
return envp;
}
-char **child_setup_environment(msg_request_t *req) {
- const char *user;
- struct passwd *pw;
+char **child_setup_environment(struct passwd *pw) {
int rv;
char **envp = NULL;
- user = req->user.name;
- if (!strlen(user)) {
- user = "root";
- }
-
- pw = getpwnam(user);
- if (pw == NULL) {
- perror("getpwnam");
- return NULL;
- }
-
rv = chdir(pw->pw_dir);
if (rv == -1) {
perror("chdir");
@@ -278,6 +265,8 @@ int child_fork(msg_request_t *req, int in, int out, int err) {
}
if (rv == 0) {
+ const char *user;
+ struct passwd *pw;
char *default_argv[] = { "/bin/sh", NULL };
char *default_envp[] = { NULL };
char **argv = default_argv;
@@ -295,6 +284,21 @@ int child_fork(msg_request_t *req, int in, int out, int err) {
rv = setsid();
assert(rv != -1);
+ user = req->user.name;
+ if (!strlen(user)) {
+ user = "root";
+ }
+
+ pw = getpwnam(user);
+ if (pw == NULL) {
+ perror("getpwnam");
+ goto error;
+ }
+
+ if (strlen(pw->pw_shell)) {
+ default_argv[0] = strdup(pw->pw_shell);
+ }
+
/* Set controlling terminal if needed */
if (isatty(in)) {
rv = ioctl(STDIN_FILENO, TIOCSCTTY, 1);
@@ -307,25 +311,25 @@ int child_fork(msg_request_t *req, int in, int out, int err) {
assert(argv != NULL);
}
- /* Use resource limits from request */
rv = msg_rlimit_export(&req->rlim);
if (rv == -1) {
perror("msg_rlimit_export");
- exit(255);
+ goto error;
}
- /* Set user from request */
- rv = msg_user_export(&req->user);
+ rv = msg_user_export(&req->user, pw);
if (rv == -1) {
perror("msg_user_export");
- exit(255);
+ goto error;
}
- envp = child_setup_environment(req);
+ envp = child_setup_environment(pw);
assert(envp != NULL);
execvpe(argv[0], argv, envp);
perror("execvpe");
+
+error:
exit(255);
}
Please sign in to comment.
Something went wrong with that request. Please try again.