diff options
| author | okan <okan> | 2009-08-25 02:02:59 +0000 |
|---|---|---|
| committer | okan <okan> | 2009-08-25 02:02:59 +0000 |
| commit | 0a44f2e5c41bb60f9f426e4cf6e019067660e130 (patch) | |
| tree | 733abcf822dbdcd6b707bad3c51fb630abe1301f | |
| parent | 1968561fcc1520c97a7b994e11a5dbf58721e1fe (diff) | |
| download | cwm-0a44f2e5c41bb60f9f426e4cf6e019067660e130.tar.gz cwm-0a44f2e5c41bb60f9f426e4cf6e019067660e130.tar.xz cwm-0a44f2e5c41bb60f9f426e4cf6e019067660e130.zip | |
we are not doing access control here, so replace the "check if file is
executable" goo with access(2). originally from jacekm@ long time ago. "i can live with that" oga@
| -rw-r--r-- | kbfunc.c | 39 |
1 files changed, 5 insertions, 34 deletions
diff --git a/kbfunc.c b/kbfunc.c index 59a37f2..1c39c71 100644 --- a/kbfunc.c +++ b/kbfunc.c @@ -228,14 +228,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) #define NPATHS 256 char **ap, *paths[NPATHS], *path, *pathcpy, *label; char tpath[MAXPATHLEN]; - int l, i, j, ngroups; - gid_t mygroups[NGROUPS_MAX]; - uid_t ruid, euid, suid; + int l, i; DIR *dirp; struct dirent *dp; struct menu *mi; struct menu_q menuq; - struct stat sb; int cmd = arg->i; switch (cmd) { @@ -250,11 +247,6 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) /*NOTREACHED*/ } - if (getgroups(0, mygroups) == -1) - err(1, "getgroups failure"); - if ((ngroups = getresuid(&ruid, &euid, &suid)) == -1) - err(1, "getresuid failure"); - TAILQ_INIT(&menuq); if ((path = getenv("PATH")) == NULL) @@ -281,32 +273,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg) /* check for truncation etc */ if (l == -1 || l >= (int)sizeof(tpath)) continue; - /* just ignore on stat failure */ - if (stat(tpath, &sb) == -1) - continue; - /* may we execute this file? */ - if (euid == sb.st_uid) { - if (sb.st_mode & S_IXUSR) - goto executable; - else - continue; + if (access(tpath, X_OK) == 0) { + mi = xcalloc(1, sizeof(*mi)); + strlcpy(mi->text, dp->d_name, sizeof(mi->text)); + TAILQ_INSERT_TAIL(&menuq, mi, entry); } - for (j = 0; j < ngroups; j++) { - if (mygroups[j] == sb.st_gid) { - if (sb.st_mode & S_IXGRP) - goto executable; - else - continue; - } - } - if (sb.st_mode & S_IXOTH) - goto executable; - continue; - executable: - /* the thing in tpath, we may execute */ - mi = xcalloc(1, sizeof(*mi)); - strlcpy(mi->text, dp->d_name, sizeof(mi->text)); - TAILQ_INSERT_TAIL(&menuq, mi, entry); } (void)closedir(dirp); } |