[ViewVC] Diff of: cvs/rxvt-unicode/src/main.C

Comparing rxvt-unicode/src/main.C (file contents):
Revision 1.180 by root, Mon Jan 16 15:00:20 2006 UTC vs.
Revision 1.189 by root, Thu Jan 19 09:47:15 2006 UTC

 #ifdef HAVE_TERMIOS_H
 # include <termios.h>
 #endif
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-static uid_t saved_euid;
-static gid_t saved_egid;
-#endif
-bool
-rxvt_tainted ()
-{
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-  return getuid () != saved_euid || getgid () != saved_egid;
-#else
-  return false;
-#endif
-}
 vector<rxvt_term *> rxvt_term::termlist;
 static char curlocale[128], savelocale[128];
 bool
 #ifdef USE_XIM
     im_ev (this, &rxvt_term::im_cb),
 #endif
     termwin_ev (this, &rxvt_term::x_cb),
     vt_ev (this, &rxvt_term::x_cb),
+    child_ev (this, &rxvt_term::child_cb),
     check_ev (this, &rxvt_term::check_cb),
     flush_ev (this, &rxvt_term::flush_cb),
     destroy_ev (this, &rxvt_term::destroy_cb),
     pty_ev (this, &rxvt_term::pty_cb),
     incr_ev (this, &rxvt_term::incr_cb)
 void rxvt_term::emergency_cleanup ()
 {
   if (cmd_pid)
     kill (-cmd_pid, SIGHUP);
-#ifdef UTMP_SUPPORT
+  delete pty; pty = 0;
-  privileged_utmp (RESTORE);
-#endif
-  pty.put ();
 }
 rxvt_term::~rxvt_term ()
 {
   HOOK_INVOKE ((this, HOOK_DESTROY, DT_END));
 #ifdef KEYSYM_RESOURCE
   delete keyboard;
 #endif
 }
+// child has exited, usually destroys
 void
-rxvt_term::child_exit ()
+rxvt_term::child_cb (child_watcher &w, int status)
 {
+  HOOK_INVOKE ((this, HOOK_CHILD_EXIT, DT_INT, status, DT_END));
   cmd_pid = 0;
   if (!OPTION (Opt_hold))
     destroy ();
 }
   if ((rs[Rs_perl_ext_1] && *rs[Rs_perl_ext_1])
       || (rs[Rs_perl_ext_2] && *rs[Rs_perl_ext_2])
       || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
     {
-#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && !defined(__CYGWIN32__)
-      // ignore some perl-related arguments if some bozo installed us set[ug]id
-      if (rxvt_tainted ())
-        {
-          if ((rs[Rs_perl_lib] && *rs[Rs_perl_lib])
-              || (rs[Rs_perl_eval] && *rs[Rs_perl_eval]))
-            {
-              rxvt_warn ("running with elevated privileges: ignoring perl-lib and perl-eval.\n");
-              rs[Rs_perl_lib]  = 0;
-              rs[Rs_perl_eval] = 0;
-            }
-        }
-#endif
       rxvt_perl.init (this);
       HOOK_INVOKE ((this, HOOK_INIT, DT_END));
     }
 #endif
+  pty = rxvt_new_ptytty ();
   create_windows (argc, argv);
   dDisp;
   init_command (cmd_argv);
   free (cmd_argv);
-  if (pty.pty >= 0)
+  if (pty->pty >= 0)
-    pty_ev.start (pty.pty, EVENT_READ);
+    pty_ev.start (pty->pty, EVENT_READ);
   check_ev.start ();
   HOOK_INVOKE ((this, HOOK_START, DT_END));
   return true;
 }
 static struct sig_handlers
 {
-  sig_watcher sw_chld, sw_term, sw_int;
+  sig_watcher sw_term, sw_int;
-  void sig_chld (sig_watcher &w)
-  {
-    // we are being called for every SIGCHLD, find the corresponding term
-    int pid;
-    while ((pid = waitpid (-1, NULL, WNOHANG)) > 0)
-      for (rxvt_term **t = rxvt_term::termlist.begin (); t < rxvt_term::termlist.end (); t++)
-        if (pid == (*t)->cmd_pid)
-          {
-            (*t)->child_exit ();
-            break;
-          }
-  }
   /*
    * Catch a fatal signal and tidy up before quitting
    */
   void
   sig_term (sig_watcher &w)
     signal (w.signum, SIG_DFL);
     kill (getpid (), w.signum);
   }
   sig_handlers ()
-  : sw_chld (this, &sig_handlers::sig_chld),
-    sw_term (this, &sig_handlers::sig_term),
+  : sw_term (this, &sig_handlers::sig_term),
     sw_int  (this, &sig_handlers::sig_term)
   {
   }
 } sig_handlers;
 char **rxvt_environ; // startup environment
 void
 rxvt_init ()
 {
+  uid_t uid = getuid ();
+  gid_t gid = getgid ();
+  // before doing anything else, check for setuid/setgid operation,
+  // start the helper process and drop privileges
+  if (uid != geteuid ()
+      || gid != getegid ())
+    {
+#if PTYTTY_HELPER
+      rxvt_ptytty_server ();
+#else
+      rxvt_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n");
+#endif
+      // drop privileges
+#if HAVE_SETRESUID
+      setresgid (gid, gid, gid);
+      setresuid (uid, uid, uid);
+#elif HAVE_SETREUID
+      setregid (gid, gid);
+      setreuid (uid, uid);
+#elif HAVE_SETUID
+      setgid (gid);
+      setuid (uid);
+#endif
+      if (uid != geteuid ()
+          || gid != getegid ())
+        rxvt_fatal ("unable to drop privileges, aborting.\n");
+    }
   rxvt_environ = environ;
-  /*
-   * Save and then give up any super-user privileges
-   * If we need privileges in any area then we must specifically request it.
-   * We should only need to be root in these cases:
-   *  1.  write utmp entries on some systems
-   *  2.  chown tty on some systems
-   */
-  rxvt_privileges (SAVE);
-  rxvt_privileges (IGNORE);
   signal (SIGHUP,  SIG_IGN);
   signal (SIGPIPE, SIG_IGN);
-  sig_handlers.sw_chld.start (SIGCHLD);
   sig_handlers.sw_term.start (SIGTERM);
   sig_handlers.sw_int.start  (SIGINT);
   /* need to trap SIGURG for SVR4 (Unixware) rlogin */
   /* signal (SIGURG, SIG_DFL); */
   if (!p)
     rxvt_fatal ("memory allocation failure. aborting.\n");
   return p;
 }
-/* ------------------------------------------------------------------------- *
- *                            PRIVILEGED OPERATIONS                          *
- * ------------------------------------------------------------------------- */
-/* take care of suid/sgid super-user (root) privileges */
-void
-rxvt_privileges (rxvt_privaction action)
-{
-#if ! defined(__CYGWIN32__)
-# if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID)
-  /* setreuid () is the poor man's setuid (), seteuid () */
-#  define seteuid(a)    setreuid(-1, (a))
-#  define setegid(a)    setregid(-1, (a))
-#  define HAVE_SETEUID
-# endif
-# ifdef HAVE_SETEUID
-  switch (action)
-    {
-      case IGNORE:
-        /*
-         * change effective uid/gid - not real uid/gid - so we can switch
-         * back to root later, as required
-         */
-        setegid (getgid ());
-        seteuid (getuid ());
-        break;
-      case SAVE:
-        saved_egid = getegid ();
-        saved_euid = geteuid ();
-        break;
-      case RESTORE:
-        setegid (saved_egid);
-        seteuid (saved_euid);
-        break;
-    }
-# else
-  switch (action)
-    {
-      case IGNORE:
-        setgid (getgid ());
-        setuid (getuid ());
-        /* FALLTHROUGH */
-      case SAVE:
-        /* FALLTHROUGH */
-      case RESTORE:
-        break;
-    }
-# endif
-#endif
-}
-#ifdef UTMP_SUPPORT
-void
-rxvt_term::privileged_utmp (rxvt_privaction action)
-{
-  if (OPTION (Opt_utmpInhibit)
-      || !pty.name || !*pty.name)
-    return;
-  rxvt_privileges (RESTORE);
-  if (action == SAVE)
-    makeutent (pty.name, rs[Rs_display_name]);
-  else
-    cleanutent ();
-  rxvt_privileges (IGNORE);
-}
-#endif
 /*----------------------------------------------------------------------*/
 /*
  * window size/position calculcations for XSizeHint and other storage.
  * if width/height are non-zero then override calculated width/height
  * Called after a window size change.
  */
 void
 rxvt_term::tt_winch ()
 {
-  if (pty.pty < 0)
+  if (pty->pty < 0)
     return;
   struct winsize ws;
   ws.ws_col = ncol;
   ws.ws_row = nrow;
   ws.ws_xpixel = width;
   ws.ws_ypixel = height;
-  (void)ioctl (pty.pty, TIOCSWINSZ, &ws);
+  (void)ioctl (pty->pty, TIOCSWINSZ, &ws);
 #if 0
   // TIOCSWINSZ⎈ is supposed to do this automatically and correctly
   if (cmd_pid)               /* force through to the command */
     kill (-cmd_pid, SIGWINCH);

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing rxvt-unicode/src/main.C (file contents): Revision 1.180 by root, Mon Jan 16 15:00:20 2006 UTC vs. Revision 1.189 by root, Thu Jan 19 09:47:15 2006 UTC

Diff Legend

Comparing rxvt-unicode/src/main.C (file contents):
Revision 1.180 by root, Mon Jan 16 15:00:20 2006 UTC vs.
Revision 1.189 by root, Thu Jan 19 09:47:15 2006 UTC