qrexec: use user shell instead of hardcoded /bin/sh

Fixes QubesOS/qubes-issues#3139
2017-10-02 04:10:55 +02:00 · 2017-10-02 04:10:55 +02:00 · 6bf395022a
commit 6bf395022a
parent 1497b3b05b
2 changed files with 19 additions and 2 deletions
--- a/qrexec/qrexec-agent.c
+++ b/qrexec/qrexec-agent.c
@ -144,6 +144,8 @@ void do_exec(const char *cmd)
    pid_t child, pid;
    char **env;
    char pid_s[32];
+    char *arg0;
+    char *shell_basename;
 #endif

    if (!realcmd)
@ -184,6 +186,14 @@ void do_exec(const char *cmd)
    pw->pw_shell = strdup(pw->pw_shell);
    endpwent();

+    shell_basename = basename (pw->pw_shell);
+    /* this process is going to die shortly, so don't care about freeing */
+    arg0 = malloc (strlen (shell_basename) + 2);
+    if (!arg0)
+        goto error;
+    arg0[0] = '-';
+    strcpy (arg0 + 1, shell_basename);
+
    retval = pam_start("qrexec", user, &conv, &pamh);
    if (retval != PAM_SUCCESS)
        goto error;
@ -220,6 +230,7 @@ void do_exec(const char *cmd)
            goto error;
        case 0:
            /* child */
+
            if (setgid (pw->pw_gid))
                exit(126);
            if (setuid (pw->pw_uid))
@ -227,7 +238,8 @@ void do_exec(const char *cmd)
            setsid();
            /* This is a copy but don't care to free as we exec later anyways.  */
            env = pam_getenvlist (pamh);
-            execle("/bin/sh", "-sh", "-c", realcmd, (char*)NULL, env);
+
+            execle(pw->pw_shell, arg0, "-c", realcmd, (char*)NULL, env);
            exit(127);
        default:
            /* parent */
--- a/qrexec/qrexec-fork-server.c
+++ b/qrexec/qrexec-fork-server.c
@ -35,6 +35,7 @@

 void do_exec(const char *cmd)
 {
+    char *shell;
    char buf[strlen(QUBES_RPC_MULTIPLEXER_PATH) + strlen(cmd) - strlen(RPC_REQUEST_COMMAND) + 1];
    /* replace magic RPC cmd with RPC multiplexer path */
    if (strncmp(cmd, RPC_REQUEST_COMMAND " ", strlen(RPC_REQUEST_COMMAND)+1)==0) {
@ -45,7 +46,11 @@ void do_exec(const char *cmd)
    signal(SIGCHLD, SIG_DFL);
    signal(SIGPIPE, SIG_DFL);

-    execl("/bin/sh", "sh", "-c", cmd, NULL);
+    shell = getenv("SHELL");
+    if (!shell)
+        shell = "/bin/sh";
+
+    execl(shell, basename(shell), "-c", cmd, NULL);
    perror("execl");
    exit(1);
 }