--- rxvt-unicode/src/main.C	2006/01/04 04:42:45	1.159
+++ rxvt-unicode/src/main.C	2006/01/08 08:43:11	1.167
@@ -13,7 +13,7 @@
  * Copyright (c) 1997,1998 Oezguer Kesim <kesim@math.fu-berlin.de>
  * Copyright (c) 1998-2001 Geoff Wing <gcw@pobox.com>
  *                              - extensive modifications
- * Copyright (c) 2003-2004 Marc Lehmann <pcg@goof.com>
+ * Copyright (c) 2003-2006 Marc Lehmann <pcg@goof.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -48,6 +48,11 @@
 # include <termios.h>
 #endif
 
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
+static uid_t saved_euid;
+static gid_t saved_egid;
+#endif
+
 vector<rxvt_term *> rxvt_term::termlist;
 
 static char curlocale[128], savelocale[128];
@@ -208,7 +213,7 @@
 
 rxvt_term::~rxvt_term ()
 {
-  PERL_INVOKE ((this, HOOK_DESTROY, DT_END));
+  HOOK_INVOKE ((this, HOOK_DESTROY, DT_END));
 
   termlist.erase (find (termlist.begin (), termlist.end(), this));
 
@@ -276,6 +281,9 @@
 #if OFF_FOCUS_FADING
   delete pix_colors_unfocused;
 #endif
+#if USE_XGETDEFAULT
+  XrmDestroyDatabase (xrmdatabase);
+#endif
 
   displays.put (display);
 
@@ -489,10 +497,32 @@
 #endif
 
 #if ENABLE_PERL
-  if (rs[Rs_perl_ext] && *rs[Rs_perl_ext])
+  if (!rs[Rs_perl_ext_1])
+    rs[Rs_perl_ext_1] = "default";
+
+  if ((rs[Rs_perl_ext_1] && *rs[Rs_perl_ext_1])
+      || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2])
+      || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
     {
-      rxvt_perl.init ();
-      PERL_INVOKE ((this, HOOK_INIT, DT_END));
+      bool tainted = false;
+
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
+      // ignore some perl-related arguments if some bozo installed us set[ug]id
+      if (getuid () != saved_euid || getgid () != saved_egid)
+        {
+          tainted = true;
+
+          if ((rs[Rs_perl_lib] && *rs[Rs_perl_lib])
+              || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
+            {
+              rxvt_warn ("running with elevated privileges: ignoring perl-lib and perl-eval.\n");
+              rs[Rs_perl_lib] = 0;
+              rs[Rs_perl_eval] = "our $tainted = 1";
+            }
+        }
+#endif
+      rxvt_perl.init (tainted);
+      HOOK_INVOKE ((this, HOOK_INIT, DT_END));
     }
 #endif
 
@@ -534,11 +564,12 @@
 
   free (cmd_argv);
 
-  pty_ev.start (pty.pty, EVENT_READ);
+  if (pty.pty >= 0)
+    pty_ev.start (pty.pty, EVENT_READ);
 
   check_ev.start ();
 
-  PERL_INVOKE ((this, HOOK_START, DT_END));
+  HOOK_INVOKE ((this, HOOK_START, DT_END));
 
   return true;
 }
@@ -609,6 +640,10 @@
   old_xerror_handler = XSetErrorHandler ((XErrorHandler) rxvt_xerror_handler);
   // TODO: handle this with exceptions and tolerate the memory loss
   XSetIOErrorHandler (rxvt_xioerror_handler);
+
+#ifdef USE_XGETDEFAULT
+  XrmInitialize ();
+#endif
 }
 
 /* ------------------------------------------------------------------------- *
@@ -654,11 +689,6 @@
 void
 rxvt_privileges (rxvt_privaction action)
 {
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-  static uid_t euid;
-  static gid_t egid;
-#endif
-
 #if ! defined(__CYGWIN32__)
 # if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID)
   /* setreuid () is the poor man's setuid (), seteuid () */
@@ -678,12 +708,12 @@
         setegid (getgid ());
         break;
       case SAVE:
-        euid = geteuid ();
-        egid = getegid ();
+        saved_euid = geteuid ();
+        saved_egid = getegid ();
         break;
       case RESTORE:
-        seteuid (euid);
-        setegid (egid);
+        seteuid (saved_euid);
+        setegid (saved_egid);
         break;
     }
 # else
@@ -1026,11 +1056,9 @@
       if (i >= 8 && i <= 15)
         {        /* bright colors */
           i -= 8;
-# ifndef NO_BRIGHTCOLOR
           pix_colors_focused[idx] = pix_colors_focused[minBrightCOLOR + i];
           SET_PIXCOLOR (idx);
           goto done;
-# endif
         }
 
       if (i >= 0 && i <= 7)