Browse Source

system() $EDITOR safely

OPENBSD_2_0
deraadt 28 years ago
parent
commit
c153de987d
1 changed files with 7 additions and 5 deletions
  1. +7
    -5
      src/lib/libutil/passwd.c

+ 7
- 5
src/lib/libutil/passwd.c View File

@ -154,19 +154,21 @@ pw_edit(notsetuid, filename)
filename = _PATH_MASTERPASSWD_LOCK; filename = _PATH_MASTERPASSWD_LOCK;
if (!(editor = getenv("EDITOR"))) if (!(editor = getenv("EDITOR")))
editor = _PATH_VI; editor = _PATH_VI;
if (p = strrchr(editor, '/'))
++p;
else
p = editor;
p = malloc(strlen(editor) + 1 + strlen(filename) + 1);
if (p == NULL)
return;
sprintf(p, "%s %s", editor, filename);
if (!(editpid = vfork())) { if (!(editpid = vfork())) {
if (notsetuid) { if (notsetuid) {
setgid(getgid()); setgid(getgid());
setuid(getuid()); setuid(getuid());
} }
execlp(editor, p, filename, NULL);
system(p);
_exit(1); _exit(1);
} }
free(p);
for (;;) { for (;;) {
editpid = waitpid(editpid, (int *)&pstat, WUNTRACED); editpid = waitpid(editpid, (int *)&pstat, WUNTRACED);
if (editpid == -1) if (editpid == -1)


Loading…
Cancel
Save