*/
#include <sys/param.h> /* MAXHOSTNAMELEN */
-#include <stdio.h>
-#include <unistd.h>
-#include "libbb.h"
-
#include <sys/utsname.h>
-#include <time.h>
+#include "libbb.h"
#define LOGIN " login: "
-static const char fmtstr_d[] = "%A, %d %B %Y";
-static const char fmtstr_t[] = "%H:%M:%S";
+static const char fmtstr_d[] ALIGN1 = "%A, %d %B %Y";
+static const char fmtstr_t[] ALIGN1 = "%H:%M:%S";
-void print_login_issue(const char *issue_file, const char *tty)
+void FAST_FUNC print_login_issue(const char *issue_file, const char *tty)
{
- FILE *fd;
+ FILE *fp;
int c;
char buf[256+1];
const char *outbuf;
puts("\r"); /* start a new line */
- fd = fopen(issue_file, "r");
- if (!fd)
+ fp = fopen_for_read(issue_file);
+ if (!fp)
return;
- while ((c = fgetc(fd)) != EOF) {
+ while ((c = fgetc(fp)) != EOF) {
outbuf = buf;
buf[0] = c;
buf[1] = '\0';
- if(c == '\n') {
+ if (c == '\n') {
buf[1] = '\r';
buf[2] = '\0';
}
if (c == '\\' || c == '%') {
- c = fgetc(fd);
+ c = fgetc(fp);
switch (c) {
case 's':
outbuf = uts.sysname;
break;
case 'n':
+ case 'h':
outbuf = uts.nodename;
break;
case 'r':
break;
case 'D':
case 'o':
- c = getdomainname(buf, sizeof(buf) - 1);
- buf[c >= 0 ? c : 0] = '\0';
+ outbuf = uts.domainname;
break;
case 'd':
strftime(buf, sizeof(buf), fmtstr_d, localtime(&t));
case 't':
strftime(buf, sizeof(buf), fmtstr_t, localtime(&t));
break;
- case 'h':
- gethostname(buf, sizeof(buf) - 1);
- buf[sizeof(buf) - 1] = '\0';
- break;
case 'l':
outbuf = tty;
break;
}
fputs(outbuf, stdout);
}
- fclose(fd);
+ fclose(fp);
fflush(stdout);
}
-void print_login_prompt(void)
+void FAST_FUNC print_login_prompt(void)
{
- char buf[MAXHOSTNAMELEN+1];
-
- if (gethostname(buf, MAXHOSTNAMELEN) == 0)
- fputs(buf, stdout);
+ char *hostname = safe_gethostname();
+ fputs(hostname, stdout);
fputs(LOGIN, stdout);
fflush(stdout);
+ free(hostname);
+}
+
+/* Clear dangerous stuff, set PATH */
+static const char forbid[] ALIGN1 =
+ "ENV" "\0"
+ "BASH_ENV" "\0"
+ "HOME" "\0"
+ "IFS" "\0"
+ "SHELL" "\0"
+ "LD_LIBRARY_PATH" "\0"
+ "LD_PRELOAD" "\0"
+ "LD_TRACE_LOADED_OBJECTS" "\0"
+ "LD_BIND_NOW" "\0"
+ "LD_AOUT_LIBRARY_PATH" "\0"
+ "LD_AOUT_PRELOAD" "\0"
+ "LD_NOWARN" "\0"
+ "LD_KEEPDIR" "\0";
+
+int FAST_FUNC sanitize_env_if_suid(void)
+{
+ const char *p;
+
+ if (getuid() == geteuid())
+ return 0;
+
+ p = forbid;
+ do {
+ unsetenv(p);
+ p += strlen(p) + 1;
+ } while (*p);
+ putenv((char*)bb_PATH_root_path);
+
+ return 1; /* we indeed were run by different user! */
}