From owner-svn-src-svnadmin@FreeBSD.ORG Sat Dec 29 16:32:10 2012 Return-Path: Delivered-To: svn-src-svnadmin@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 549861BA; Sat, 29 Dec 2012 16:32:10 +0000 (UTC) (envelope-from peter@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 1F8AE8FC08; Sat, 29 Dec 2012 16:32:10 +0000 (UTC) Received: from svn.freebsd.org (svn.FreeBSD.org [8.8.178.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qBTGW9ko006477; Sat, 29 Dec 2012 16:32:10 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qBTGW9nl006475; Sat, 29 Dec 2012 16:32:09 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201212291632.qBTGW9nl006475@svn.freebsd.org> From: Peter Wemm Date: Sat, 29 Dec 2012 16:32:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-svnadmin@freebsd.org Subject: svn commit: r244823 - svnadmin/tools/svnssh X-SVN-Group: svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-svnadmin@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the admin / configuration tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Dec 2012 16:32:10 -0000 Author: peter Date: Sat Dec 29 16:32:09 2012 New Revision: 244823 URL: http://svnweb.freebsd.org/changeset/base/244823 Log: Strip out the shell escape. Modified: svnadmin/tools/svnssh/svnssh.c Modified: svnadmin/tools/svnssh/svnssh.c ============================================================================== --- svnadmin/tools/svnssh/svnssh.c Sat Dec 29 16:03:23 2012 (r244822) +++ svnadmin/tools/svnssh/svnssh.c Sat Dec 29 16:32:09 2012 (r244823) @@ -65,20 +65,6 @@ usage(void) exit(1); } -static void -shell(char *argv[], int interactive) -{ - const char *sh = "/bin/tcsh"; - - if (interactive) - printf("Shell access granted - but you've got %s\n\n", sh); - setuid(getuid()); - syslog(LOG_INFO, "shell access granted: %s", username); - execv(sh, argv); - msg("could not exec %s", sh); - exit(1); -} - static int karmacheck(FILE *fp, const char *name) { @@ -131,15 +117,11 @@ int main(int argc, char *argv[]) { struct passwd *pw; - struct group *gr; struct stat st; struct rlimit rl; FILE *fp; - int i; gid_t repogid; - gid_t mygroups[NGROUPS_MAX]; - int ngroups; - int karma, shellkarma; + int karma; umask(002); openlog("svnssh", LOG_PID | LOG_NDELAY, LOG_AUTH); @@ -157,18 +139,7 @@ main(int argc, char *argv[]) strlcpy(username, pw->pw_name, sizeof(username)); endpwent(); - shellkarma = 0; - ngroups = getgroups(NGROUPS_MAX, mygroups); - if (ngroups > 0) { - gr = getgrnam("shell"); - if (gr != NULL) - for (i = 0; i < ngroups; i++) - if (mygroups[i] == (gid_t)gr->gr_gid) - shellkarma = 1; - } if (argv[0][0] == '-' || argc == 1) { - if (shellkarma) - shell(argv, 1); syslog(LOG_INFO, "shell access denied: %s", username); msg("Sorry, no login shells on this machine."); usage(); @@ -178,16 +149,8 @@ main(int argc, char *argv[]) strcmp("svnssh", argv[0]) != 0 || strcmp("-c", argv[1]) != 0 || strcmp("svnserve -t", argv[2]) != 0) { - if (shellkarma) /* Allow any command */ - shell(argv, 0); syslog(LOG_INFO, "invalid args for svn server: %s, argc=%d", username, argc); msg("Invalid arguments for svnserve"); - fprintf(stderr, "You sent: argc=%d", argc); - for (i = 0; i < argc; i++) { - fprintf(stderr, " '%s'", argv[i]); - syslog(LOG_INFO, "argv[%d] = %s", i, argv[i]); - } - fprintf(stderr, "\n"); usage(); } From owner-svn-src-svnadmin@FreeBSD.ORG Sat Dec 29 16:33:33 2012 Return-Path: Delivered-To: svn-src-svnadmin@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3C28E32A; Sat, 29 Dec 2012 16:33:33 +0000 (UTC) (envelope-from peter@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 088288FC0C; Sat, 29 Dec 2012 16:33:33 +0000 (UTC) Received: from svn.freebsd.org (svn.FreeBSD.org [8.8.178.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qBTGXWCN006776; Sat, 29 Dec 2012 16:33:32 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qBTGXW3m006775; Sat, 29 Dec 2012 16:33:32 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201212291633.qBTGXW3m006775@svn.freebsd.org> From: Peter Wemm Date: Sat, 29 Dec 2012 16:33:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-svnadmin@freebsd.org Subject: svn commit: r244824 - svnadmin/tools X-SVN-Group: svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-svnadmin@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the admin / configuration tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Dec 2012 16:33:33 -0000 Author: peter Date: Sat Dec 29 16:33:32 2012 New Revision: 244824 URL: http://svnweb.freebsd.org/changeset/base/244824 Log: The python API client based exporter is long gone. GC. Deleted: svnadmin/tools/export.py svnadmin/tools/export1.py svnadmin/tools/export2.py