--- rxvt-unicode/src/main.C	2006/01/17 15:17:39	1.185
+++ rxvt-unicode/src/main.C	2006/01/20 10:27:08	1.191
@@ -48,27 +48,15 @@
 # include <termios.h>
 #endif
 
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-static uid_t saved_euid;
-static gid_t saved_egid;
-#endif
-
-bool
-rxvt_tainted ()
-{
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-  return getuid () != saved_euid || getgid () != saved_egid;
-#else
-  return false;
-#endif
-}
-
 vector<rxvt_term *> rxvt_term::termlist;
 
+// used to tell global functions which terminal instance is "active"
+rxvt_t rxvt_current_term;
+
 static char curlocale[128], savelocale[128];
 
 bool
-rxvt_set_locale (const char *locale)
+rxvt_set_locale (const char *locale) NOTHROW
 {
   if (!locale || !strncmp (locale, curlocale, 128))
     return false;
@@ -79,14 +67,14 @@
 }
 
 void
-rxvt_push_locale (const char *locale)
+rxvt_push_locale (const char *locale) NOTHROW
 {
   strcpy (savelocale, curlocale);
   rxvt_set_locale (locale);
 }
 
 void
-rxvt_pop_locale ()
+rxvt_pop_locale () NOTHROW
 {
   rxvt_set_locale (savelocale);
 }
@@ -186,6 +174,7 @@
 #endif
     termwin_ev (this, &rxvt_term::x_cb),
     vt_ev (this, &rxvt_term::x_cb),
+    child_ev (this, &rxvt_term::child_cb),
     check_ev (this, &rxvt_term::check_cb),
     flush_ev (this, &rxvt_term::flush_cb),
     destroy_ev (this, &rxvt_term::destroy_cb),
@@ -198,9 +187,6 @@
 
 #ifdef KEYSYM_RESOURCE
   keyboard = new keyboard_manager;
-
-  if (!keyboard)
-    rxvt_fatal ("out of memory, aborting.\n");
 #endif
 }
 
@@ -211,17 +197,11 @@
   if (cmd_pid)
     kill (-cmd_pid, SIGHUP);
 
-#ifdef UTMP_SUPPORT
-  privileged_utmp (RESTORE);
-#endif
-
   delete pty; pty = 0;
 }
 
 rxvt_term::~rxvt_term ()
 {
-  HOOK_INVOKE ((this, HOOK_DESTROY, DT_END));
-
   termlist.erase (find (termlist.begin (), termlist.end(), this));
 
   emergency_cleanup ();
@@ -306,9 +286,12 @@
 #endif
 }
 
+// child has exited, usually destroys
 void
-rxvt_term::child_exit ()
+rxvt_term::child_cb (child_watcher &w, int status)
 {
+  HOOK_INVOKE ((this, HOOK_CHILD_EXIT, DT_INT, status, DT_END));
+
   cmd_pid = 0;
 
   if (!OPTION (Opt_hold))
@@ -321,6 +304,9 @@
   if (destroy_ev.active)
     return;
 
+  if (HOOK_INVOKE ((this, HOOK_DESTROY, DT_END)))
+    return;
+
 #if ENABLE_OVERLAY
   scr_overlay_off ();
 #endif
@@ -480,11 +466,6 @@
   keyboard->register_done ();
 #endif
 
-#ifdef HAVE_SCROLLBARS
-  if (OPTION (Opt_scrollBar))
-    scrollBar.setIdle ();    /* set existence for size calculations */
-#endif
-
 #if ENABLE_PERL
   if (!rs[Rs_perl_ext_1])
     rs[Rs_perl_ext_1] = "default";
@@ -493,24 +474,16 @@
       || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2])
       || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
     {
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-      // ignore some perl-related arguments if some bozo installed us set[ug]id
-      if (rxvt_tainted ())
-        {
-          if ((rs[Rs_perl_lib] && *rs[Rs_perl_lib])
-              || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
-            {
-              rxvt_warn ("running with elevated privileges: ignoring perl-lib and perl-eval.\n");
-              rs[Rs_perl_lib]  = 0;
-              rs[Rs_perl_eval] = 0;
-            }
-        }
-#endif
       rxvt_perl.init (this);
       HOOK_INVOKE ((this, HOOK_INIT, DT_END));
     }
 #endif
 
+#ifdef HAVE_SCROLLBARS
+  if (OPTION (Opt_scrollBar))
+    scrollBar.setIdle ();    /* set existence for size calculations */
+#endif
+
   pty = rxvt_new_ptytty ();
 
   create_windows (argc, argv);
@@ -538,9 +511,6 @@
     }
 #endif
 
-  XMapWindow (disp, vt);
-  XMapWindow (disp, parent[0]);
-
   set_colorfgbg ();
 
   init_command (cmd_argv);
@@ -554,27 +524,16 @@
 
   HOOK_INVOKE ((this, HOOK_START, DT_END));
 
+  XMapWindow (disp, vt);
+  XMapWindow (disp, parent[0]);
+
   return true;
 }
 
 static struct sig_handlers
 {
-  sig_watcher sw_chld, sw_term, sw_int;
+  sig_watcher sw_term, sw_int;
   
-  void sig_chld (sig_watcher &w)
-  {
-    // we are being called for every SIGCHLD, find the corresponding term
-    int pid;
-
-    while ((pid = waitpid (-1, NULL, WNOHANG)) > 0)
-      for (rxvt_term **t = rxvt_term::termlist.begin (); t < rxvt_term::termlist.end (); t++)
-        if (pid == (*t)->cmd_pid)
-          {
-            (*t)->child_exit ();
-            break;
-          }
-  }
-
   /*
    * Catch a fatal signal and tidy up before quitting
    */
@@ -590,8 +549,7 @@
   }
 
   sig_handlers ()
-  : sw_chld (this, &sig_handlers::sig_chld),
-    sw_term (this, &sig_handlers::sig_term),
+  : sw_term (this, &sig_handlers::sig_term),
     sw_int  (this, &sig_handlers::sig_term)
   {
   }
@@ -602,22 +560,42 @@
 void
 rxvt_init ()
 {
-  rxvt_environ = environ;
+  uid_t uid = getuid ();
+  gid_t gid = getgid ();
+      
+  // before doing anything else, check for setuid/setgid operation,
+  // start the helper process and drop privileges
+  if (uid != geteuid ()
+      || gid != getegid ())
+    {
+#if PTYTTY_HELPER
+      rxvt_ptytty_server ();
+#else
+      rxvt_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n");
+#endif
 
-  /*
-   * Save and then give up any super-user privileges
-   * If we need privileges in any area then we must specifically request it.
-   * We should only need to be root in these cases:
-   *  1.  write utmp entries on some systems
-   *  2.  chown tty on some systems
-   */
-  rxvt_privileges (SAVE);
-  rxvt_privileges (IGNORE);
+      // drop privileges
+#if HAVE_SETRESUID
+      setresgid (gid, gid, gid);
+      setresuid (uid, uid, uid);
+#elif HAVE_SETREUID
+      setregid (gid, gid);
+      setreuid (uid, uid);
+#elif HAVE_SETUID
+      setgid (gid);
+      setuid (uid);
+#endif
+
+      if (uid != geteuid ()
+          || gid != getegid ())
+        rxvt_fatal ("unable to drop privileges, aborting.\n");
+    }
+
+  rxvt_environ = environ;
 
   signal (SIGHUP,  SIG_IGN);
   signal (SIGPIPE, SIG_IGN);
 
-  sig_handlers.sw_chld.start (SIGCHLD);
   sig_handlers.sw_term.start (SIGTERM);
   sig_handlers.sw_int.start  (SIGINT);
 
@@ -656,7 +634,7 @@
   return p;
 }
 
-void           *
+void *
 rxvt_realloc (void *ptr, size_t size)
 {
   void *p = realloc (ptr, size);
@@ -667,56 +645,6 @@
   return p;
 }
 
-/* ------------------------------------------------------------------------- *
- *                            PRIVILEGED OPERATIONS                          *
- * ------------------------------------------------------------------------- */
-/* take care of suid/sgid super-user (root) privileges */
-void
-rxvt_privileges (rxvt_privaction action)
-{
-#if ! defined(__CYGWIN32__)
-# if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID)
-  /* setreuid () is the poor man's setuid (), seteuid () */
-#  define seteuid(a)    setreuid(-1, (a))
-#  define setegid(a)    setregid(-1, (a))
-#  define HAVE_SETEUID
-# endif
-# ifdef HAVE_SETEUID
-  switch (action)
-    {
-      case IGNORE:
-        /*
-         * change effective uid/gid - not real uid/gid - so we can switch
-         * back to root later, as required
-         */
-        setegid (getgid ());
-        seteuid (getuid ());
-        break;
-      case SAVE:
-        saved_egid = getegid ();
-        saved_euid = geteuid ();
-        break;
-      case RESTORE:
-        setegid (saved_egid);
-        seteuid (saved_euid);
-        break;
-    }
-# else
-  switch (action)
-    {
-      case IGNORE:
-        setgid (getgid ());
-        setuid (getuid ());
-        /* FALLTHROUGH */
-      case SAVE:
-        /* FALLTHROUGH */
-      case RESTORE:
-        break;
-    }
-# endif
-#endif
-}
-
 /*----------------------------------------------------------------------*/
 /*
  * window size/position calculcations for XSizeHint and other storage.
@@ -1664,7 +1592,4 @@
 }
 #endif                          /* USE_XIM */
 
-/*----------------------------------------------------------------------*/
-rxvt_t          rxvt_current_term;
-
 /*----------------------- end-of-file (C source) -----------------------*/