1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/***********************************************************************
* *
* This software is part of the ast package *
* Copyright (c) 1985-2010 AT&T Intellectual Property *
* and is licensed under the *
* Common Public License, Version 1.0 *
* by AT&T Intellectual Property *
* *
* A copy of the License is available at *
* http://www.opensource.org/licenses/cpl1.0.txt *
* (with md5 checksum 059e8cd6165cb4c31e351f2b69388fd9) *
* *
* Information and Software Systems Research *
* AT&T Research *
* Florham Park NJ *
* *
* Glenn Fowler <gsf@research.att.com> *
* David Korn <dgk@research.att.com> *
* Phong Vo <kpv@research.att.com> *
* *
***********************************************************************/
#pragma prototyped
/*
* G. S. Fowler
* D. G. Korn
* AT&T Bell Laboratories
*
* shell library support
*/
#include <ast.h>
#include <sys/stat.h>
/*
* return pointer to the full path name of the shell
*
* SHELL is read from the environment and must start with /
*
* if set-uid or set-gid then the executable and its containing
* directory must not be owned by the real user/group
*
* root/administrator has its own test
*
* astconf("SH",NiL,NiL) is returned by default
*
* NOTE: csh is rejected because the bsh/csh differentiation is
* not done for `csh script arg ...'
*/
char*
pathshell(void)
{
register char* sh;
int ru;
int eu;
int rg;
int eg;
struct stat st;
static char* val;
if ((sh = getenv("SHELL")) && *sh == '/' && strmatch(sh, "*/(sh|*[!cC]sh)*([[:digit:]])?(-+([.[:alnum:]]))?(.exe)"))
{
if (!(ru = getuid()) || !eaccess("/bin", W_OK))
{
if (stat(sh, &st))
goto defshell;
if (ru != st.st_uid && !strmatch(sh, "?(/usr)?(/local)/?([ls])bin/?([[:lower:]])sh?(.exe)"))
goto defshell;
}
else
{
eu = geteuid();
rg = getgid();
eg = getegid();
if (ru != eu || rg != eg)
{
char* s;
char dir[PATH_MAX];
s = sh;
for (;;)
{
if (stat(s, &st))
goto defshell;
if (ru != eu && st.st_uid == ru)
goto defshell;
if (rg != eg && st.st_gid == rg)
goto defshell;
if (s != sh)
break;
if (strlen(s) >= sizeof(dir))
goto defshell;
strcpy(dir, s);
if (!(s = strrchr(dir, '/')))
break;
*s = 0;
s = dir;
}
}
}
return sh;
}
defshell:
if (!(sh = val))
{
if (!*(sh = astconf("SH", NiL, NiL)) || *sh != '/' || eaccess(sh, X_OK) || !(sh = strdup(sh)))
sh = "/bin/sh";
val = sh;
}
return sh;
}
|