summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOkan Demirmen <okan@cvs.openbsd.org>2009-08-25 02:03:00 +0000
committerOkan Demirmen <okan@cvs.openbsd.org>2009-08-25 02:03:00 +0000
commit2378d320c93ffd1cd0279863d7114b0a704d87bf (patch)
tree8eeac6599fe04a708c6b59f420445bfd38be7ad4
parent7d97b36e5f50013251be023797bc4746ce67f5bb (diff)
we are not doing access control here, so replace the "check if file is
executable" goo with access(2). originally from jacekm@ long time ago. "i can live with that" oga@
-rw-r--r--app/cwm/kbfunc.c41
1 files changed, 6 insertions, 35 deletions
diff --git a/app/cwm/kbfunc.c b/app/cwm/kbfunc.c
index a276406e7..769491e62 100644
--- a/app/cwm/kbfunc.c
+++ b/app/cwm/kbfunc.c
@@ -15,7 +15,7 @@
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
- * $Id: kbfunc.c,v 1.41 2009/08/24 23:54:41 oga Exp $
+ * $Id: kbfunc.c,v 1.42 2009/08/25 02:02:59 okan Exp $
*/
#include <paths.h>
@@ -228,14 +228,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
#define NPATHS 256
char **ap, *paths[NPATHS], *path, *pathcpy, *label;
char tpath[MAXPATHLEN];
- int l, i, j, ngroups;
- gid_t mygroups[NGROUPS_MAX];
- uid_t ruid, euid, suid;
+ int l, i;
DIR *dirp;
struct dirent *dp;
struct menu *mi;
struct menu_q menuq;
- struct stat sb;
int cmd = arg->i;
switch (cmd) {
@@ -250,11 +247,6 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
/*NOTREACHED*/
}
- if (getgroups(0, mygroups) == -1)
- err(1, "getgroups failure");
- if ((ngroups = getresuid(&ruid, &euid, &suid)) == -1)
- err(1, "getresuid failure");
-
TAILQ_INIT(&menuq);
if ((path = getenv("PATH")) == NULL)
@@ -281,32 +273,11 @@ kbfunc_exec(struct client_ctx *scratch, union arg *arg)
/* check for truncation etc */
if (l == -1 || l >= (int)sizeof(tpath))
continue;
- /* just ignore on stat failure */
- if (stat(tpath, &sb) == -1)
- continue;
- /* may we execute this file? */
- if (euid == sb.st_uid) {
- if (sb.st_mode & S_IXUSR)
- goto executable;
- else
- continue;
+ if (access(tpath, X_OK) == 0) {
+ mi = xcalloc(1, sizeof(*mi));
+ strlcpy(mi->text, dp->d_name, sizeof(mi->text));
+ TAILQ_INSERT_TAIL(&menuq, mi, entry);
}
- for (j = 0; j < ngroups; j++) {
- if (mygroups[j] == sb.st_gid) {
- if (sb.st_mode & S_IXGRP)
- goto executable;
- else
- continue;
- }
- }
- if (sb.st_mode & S_IXOTH)
- goto executable;
- continue;
- executable:
- /* the thing in tpath, we may execute */
- mi = xcalloc(1, sizeof(*mi));
- strlcpy(mi->text, dp->d_name, sizeof(mi->text));
- TAILQ_INSERT_TAIL(&menuq, mi, entry);
}
(void)closedir(dirp);
}