Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 28 Jun 2002 09:53:47 +0400
From:      "Andrey A. Chernov" <ache@nagual.pp.ru>
To:        Dag-Erling Smorgrav <des@ofug.org>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/crypto/openssh-portable session.c
Message-ID:  <20020628055347.GA18229@nagual.pp.ru>
In-Reply-To: <xzpznxh1z2q.fsf@flood.ping.uio.no>
References:  <200206261417.g5QEHTjR074759@freefall.freebsd.org> <20020626152357.GA30110@nagual.pp.ru> <xzpznxh1z2q.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Jun 26, 2002 at 23:59:09 +0200, Dag-Erling Smorgrav wrote:
> Yes, that's a good point.  The original code also assumes
> setusercontext(3) will succeed, and copies the parent's PATH to the
> child - but if setusercontext(3) failed, PATH might be anything (what
> if sshd was started manually from a shell?)  It should use a
> compiled-in fallback instead.

Here is modified variant of my patch. Problems addressed: fallback PATH,
fallback TERM, both like in login. Problems not addressed: method you use
produce memory leak, memory mallocked for each new environment variable in
setusercontext() but later you free only main environment pointer and not
walk through all env. variables list, freeing them. Such code must be
added before xfree(environ).

--- session.c.bak	Wed Jun 26 18:17:28 2002
+++ session.c	Fri Jun 28 09:44:21 2002
@@ -962,11 +962,15 @@
 			 _PATH_MAILDIR, pw->pw_name);
 		child_set_env(&env, &envsize, "MAIL", buf);
 #ifdef HAVE_LOGIN_CAP
+		child_set_env(&env, &envsize, "PATH",
+			      (pw->pw_uid == 0) ?
+			      _PATH_STDPATH : _PATH_DEFPATH);
 		senv = environ;
 		environ = xmalloc(sizeof(char *));
 		*environ = NULL;
 		(void) setusercontext(lc, pw, pw->pw_uid,
 		    LOGIN_SETENV|LOGIN_SETPATH);
+		(void) setenv("TERM", "su", 0);
 		copy_environment(environ, &env, &envsize);
 		xfree(environ);
 		environ = senv;

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020628055347.GA18229>