Date: Tue, 19 Aug 1997 17:34:27 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: kudzu@dnai.com Cc: hackers@freebsd.org Subject: Re: su: kerberos: not in root's ACL. Message-ID: <1835.872037267@time.cdrom.com> In-Reply-To: Your message of "Tue, 19 Aug 1997 11:59:08 PDT." <33F9ECFC.4CF@dnai.com>
index | next in thread | previous in thread | raw e-mail
Sounds like an easy fix:
Index: csh.c
===================================================================
RCS file: /home/ncvs/src/bin/csh/csh.c,v
retrieving revision 1.6
diff -u -r1.6 csh.c
--- csh.c 1995/10/23 23:08:25 1.6
+++ csh.c 1997/08/20 00:32:37
@@ -622,7 +622,9 @@
for (;;) {
if ((c = *dp) == ':' || c == 0) {
*dp = 0;
- if (*cp != '/' && (euid == 0 || uid == 0) &&
+ if (!*cp)
+ break;
+ else if (*cp != '/' && (euid == 0 || uid == 0) &&
(intact || intty && isatty(SHOUT)))
(void) fprintf(csherr,
"Warning: imported path contains relative components\n");
However, what's unclear here is whether or not there is some
"historical" behavior in having a trailing : in one's path result in
an implicit inclusion of `.', something which is also a side-effect of
what happens here.
Any csh hackers care to comment?
Jordan
> Jordan K. Hubbard wrote:
> >
> > And $SHELL is csh in both su'd and non-su'd cases?
>
> SHELL=/bin/csh
>
> and in the su'd case:
>
> SHELL=/bin/csh
>
> I think I know where the problem is, I think. I put some "echo"
> code in csh.c:
>
> % su -
> Password:
> path is: /usr/bin:/bin:/usr/sbin:/sbin:
> Warning: imported path contains relative components
>
> The problem is the terminal ":" -- wherever *that's*
> coming from, it's showing a bug in the 'importpath()'.
>
>
> My echo is done here in the code:
>
> /*
> * Re-initialize path if set in environment
> * importpath uses intty and intact
> */
>
> if ((tcp = getenv("PATH")) == NULL)
> set1(STRpath, defaultpath(), &shvhed);
> else {
> (void) fprintf(csherr, "path is: %s\n",tcp); /* I ADDED THIS, Jordan
*/
> importpath(SAVE(tcp));
> }
>
> and the bug is in how a terminal ":" is handled in importpath. Wanna
> walk through the code with me? See what happens when the ":" is at
> the end of the string (followed by a nul).
>
> void
> importpath(cp)
> Char *cp;
> {
> register int i = 0;
> register Char *dp;
> register Char **pv;
> int c;
>
> for (dp = cp; *dp; dp++)
> if (*dp == ':')
> i++;
> /*
> * i+2 where i is the number of colons in the path. There are i+1
> * directories in the path plus we need room for a zero terminator.
> */
> pv = (Char **) xcalloc((size_t) (i + 2), sizeof(Char **));
> dp = cp;
> i = 0;
> if (*dp)
> for (;;) {
> if ((c = *dp) == ':' || c == 0) {
> *dp = 0;
> if (*cp != '/' && (euid == 0 || uid == 0) &&
> (intact || intty && isatty(SHOUT)))
> (void) fprintf(csherr,
> "Warning: imported path contains relative components\n");
> pv[i++] = Strsave(*cp ? cp : STRdot);
> if (c) {
> cp = dp + 1;
> *dp = ':';
> }
> else
> break;
> }
> dp++;
> }
> pv[i] = 0;
> set1(STRpath, pv, &shvhed);
> }
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1835.872037267>