--- rxvt-unicode/src/main.C	2006/01/08 00:20:12	1.165
+++ rxvt-unicode/src/main.C	2006/01/10 18:09:22	1.169
@@ -48,6 +48,21 @@
 # include <termios.h>
 #endif
 
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
+static uid_t saved_euid;
+static gid_t saved_egid;
+#endif
+
+bool
+rxvt_tainted ()
+{
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
+  return getuid () != saved_euid || getgid () != saved_egid;
+#else
+  return false;
+#endif
+}
+
 vector<rxvt_term *> rxvt_term::termlist;
 
 static char curlocale[128], savelocale[128];
@@ -63,7 +78,7 @@
   return true;
 }
 
-bool
+void
 rxvt_push_locale (const char *locale)
 {
   strcpy (savelocale, curlocale);
@@ -276,6 +291,9 @@
 #if OFF_FOCUS_FADING
   delete pix_colors_unfocused;
 #endif
+#if USE_XGETDEFAULT
+  XrmDestroyDatabase (xrmdatabase);
+#endif
 
   displays.put (display);
 
@@ -496,6 +514,19 @@
       || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2])
       || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
     {
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
+      // ignore some perl-related arguments if some bozo installed us set[ug]id
+      if (rxvt_tainted ())
+        {
+          if ((rs[Rs_perl_lib] && *rs[Rs_perl_lib])
+              || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
+            {
+              rxvt_warn ("running with elevated privileges: ignoring perl-lib and perl-eval.\n");
+              rs[Rs_perl_lib]  = 0;
+              rs[Rs_perl_eval] = 0;
+            }
+        }
+#endif
       rxvt_perl.init ();
       HOOK_INVOKE ((this, HOOK_INIT, DT_END));
     }
@@ -615,6 +646,10 @@
   old_xerror_handler = XSetErrorHandler ((XErrorHandler) rxvt_xerror_handler);
   // TODO: handle this with exceptions and tolerate the memory loss
   XSetIOErrorHandler (rxvt_xioerror_handler);
+
+#ifdef USE_XGETDEFAULT
+  XrmInitialize ();
+#endif
 }
 
 /* ------------------------------------------------------------------------- *
@@ -660,11 +695,6 @@
 void
 rxvt_privileges (rxvt_privaction action)
 {
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-  static uid_t euid;
-  static gid_t egid;
-#endif
-
 #if ! defined(__CYGWIN32__)
 # if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID)
   /* setreuid () is the poor man's setuid (), seteuid () */
@@ -684,12 +714,12 @@
         setegid (getgid ());
         break;
       case SAVE:
-        euid = geteuid ();
-        egid = getegid ();
+        saved_euid = geteuid ();
+        saved_egid = getegid ();
         break;
       case RESTORE:
-        seteuid (euid);
-        setegid (egid);
+        seteuid (saved_euid);
+        setegid (saved_egid);
         break;
     }
 # else