… | |
… | |
46 | |
46 | |
47 | #ifdef HAVE_TERMIOS_H |
47 | #ifdef HAVE_TERMIOS_H |
48 | # include <termios.h> |
48 | # include <termios.h> |
49 | #endif |
49 | #endif |
50 | |
50 | |
|
|
51 | #if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__) |
|
|
52 | static uid_t saved_euid; |
|
|
53 | static gid_t saved_egid; |
|
|
54 | #endif |
|
|
55 | |
|
|
56 | bool |
|
|
57 | rxvt_tainted () |
|
|
58 | { |
|
|
59 | #if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__) |
|
|
60 | return getuid () != saved_euid || getgid () != saved_egid; |
|
|
61 | #else |
|
|
62 | return false; |
|
|
63 | #endif |
|
|
64 | } |
|
|
65 | |
51 | vector<rxvt_term *> rxvt_term::termlist; |
66 | vector<rxvt_term *> rxvt_term::termlist; |
52 | |
67 | |
53 | static char curlocale[128], savelocale[128]; |
68 | static char curlocale[128], savelocale[128]; |
54 | |
69 | |
55 | bool |
70 | bool |
… | |
… | |
61 | strncpy (curlocale, locale, 128); |
76 | strncpy (curlocale, locale, 128); |
62 | setlocale (LC_CTYPE, curlocale); |
77 | setlocale (LC_CTYPE, curlocale); |
63 | return true; |
78 | return true; |
64 | } |
79 | } |
65 | |
80 | |
66 | bool |
81 | void |
67 | rxvt_push_locale (const char *locale) |
82 | rxvt_push_locale (const char *locale) |
68 | { |
83 | { |
69 | strcpy (savelocale, curlocale); |
84 | strcpy (savelocale, curlocale); |
70 | rxvt_set_locale (locale); |
85 | rxvt_set_locale (locale); |
71 | } |
86 | } |
… | |
… | |
273 | // TODO: free pixcolours, colours should become part of rxvt_display |
288 | // TODO: free pixcolours, colours should become part of rxvt_display |
274 | |
289 | |
275 | delete pix_colors_focused; |
290 | delete pix_colors_focused; |
276 | #if OFF_FOCUS_FADING |
291 | #if OFF_FOCUS_FADING |
277 | delete pix_colors_unfocused; |
292 | delete pix_colors_unfocused; |
|
|
293 | #endif |
|
|
294 | #if USE_XGETDEFAULT |
|
|
295 | XrmDestroyDatabase (xrmdatabase); |
278 | #endif |
296 | #endif |
279 | |
297 | |
280 | displays.put (display); |
298 | displays.put (display); |
281 | |
299 | |
282 | scr_release (); |
300 | scr_release (); |
… | |
… | |
494 | |
512 | |
495 | if ((rs[Rs_perl_ext_1] && *rs[Rs_perl_ext_1]) |
513 | if ((rs[Rs_perl_ext_1] && *rs[Rs_perl_ext_1]) |
496 | || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2]) |
514 | || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2]) |
497 | || (rs[Rs_perl_eval] && *rs[Rs_perl_eval])) |
515 | || (rs[Rs_perl_eval] && *rs[Rs_perl_eval])) |
498 | { |
516 | { |
|
|
517 | #if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__) |
|
|
518 | // ignore some perl-related arguments if some bozo installed us set[ug]id |
|
|
519 | if (rxvt_tainted ()) |
|
|
520 | { |
|
|
521 | if ((rs[Rs_perl_lib] && *rs[Rs_perl_lib]) |
|
|
522 | || (rs[Rs_perl_eval] && *rs[Rs_perl_eval])) |
|
|
523 | { |
|
|
524 | rxvt_warn ("running with elevated privileges: ignoring perl-lib and perl-eval.\n"); |
|
|
525 | rs[Rs_perl_lib] = 0; |
|
|
526 | rs[Rs_perl_eval] = 0; |
|
|
527 | } |
|
|
528 | } |
|
|
529 | #endif |
499 | rxvt_perl.init (); |
530 | rxvt_perl.init (); |
500 | HOOK_INVOKE ((this, HOOK_INIT, DT_END)); |
531 | HOOK_INVOKE ((this, HOOK_INIT, DT_END)); |
501 | } |
532 | } |
502 | #endif |
533 | #endif |
503 | |
534 | |
… | |
… | |
613 | /* signal (SIGURG, SIG_DFL); */ |
644 | /* signal (SIGURG, SIG_DFL); */ |
614 | |
645 | |
615 | old_xerror_handler = XSetErrorHandler ((XErrorHandler) rxvt_xerror_handler); |
646 | old_xerror_handler = XSetErrorHandler ((XErrorHandler) rxvt_xerror_handler); |
616 | // TODO: handle this with exceptions and tolerate the memory loss |
647 | // TODO: handle this with exceptions and tolerate the memory loss |
617 | XSetIOErrorHandler (rxvt_xioerror_handler); |
648 | XSetIOErrorHandler (rxvt_xioerror_handler); |
|
|
649 | |
|
|
650 | #ifdef USE_XGETDEFAULT |
|
|
651 | XrmInitialize (); |
|
|
652 | #endif |
618 | } |
653 | } |
619 | |
654 | |
620 | /* ------------------------------------------------------------------------- * |
655 | /* ------------------------------------------------------------------------- * |
621 | * MEMORY ALLOCATION WRAPPERS * |
656 | * MEMORY ALLOCATION WRAPPERS * |
622 | * ------------------------------------------------------------------------- */ |
657 | * ------------------------------------------------------------------------- */ |
… | |
… | |
658 | * ------------------------------------------------------------------------- */ |
693 | * ------------------------------------------------------------------------- */ |
659 | /* take care of suid/sgid super-user (root) privileges */ |
694 | /* take care of suid/sgid super-user (root) privileges */ |
660 | void |
695 | void |
661 | rxvt_privileges (rxvt_privaction action) |
696 | rxvt_privileges (rxvt_privaction action) |
662 | { |
697 | { |
663 | #if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__) |
|
|
664 | static uid_t euid; |
|
|
665 | static gid_t egid; |
|
|
666 | #endif |
|
|
667 | |
|
|
668 | #if ! defined(__CYGWIN32__) |
698 | #if ! defined(__CYGWIN32__) |
669 | # if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) |
699 | # if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) |
670 | /* setreuid () is the poor man's setuid (), seteuid () */ |
700 | /* setreuid () is the poor man's setuid (), seteuid () */ |
671 | # define seteuid(a) setreuid(-1, (a)) |
701 | # define seteuid(a) setreuid(-1, (a)) |
672 | # define setegid(a) setregid(-1, (a)) |
702 | # define setegid(a) setregid(-1, (a)) |
… | |
… | |
682 | */ |
712 | */ |
683 | seteuid (getuid ()); |
713 | seteuid (getuid ()); |
684 | setegid (getgid ()); |
714 | setegid (getgid ()); |
685 | break; |
715 | break; |
686 | case SAVE: |
716 | case SAVE: |
687 | euid = geteuid (); |
717 | saved_euid = geteuid (); |
688 | egid = getegid (); |
718 | saved_egid = getegid (); |
689 | break; |
719 | break; |
690 | case RESTORE: |
720 | case RESTORE: |
691 | seteuid (euid); |
721 | seteuid (saved_euid); |
692 | setegid (egid); |
722 | setegid (saved_egid); |
693 | break; |
723 | break; |
694 | } |
724 | } |
695 | # else |
725 | # else |
696 | switch (action) |
726 | switch (action) |
697 | { |
727 | { |