From: markus schnalke <meillo@marmaro.de>
Date: Thu, 22 Mar 2012 07:49:57 +0000 (+0100)
Subject: slocal: Don't remove $PATH from env. Now execvp() searches as expected.
X-Git-Tag: mmh-thesis-end~261
X-Git-Url: http://git.marmaro.de/?p=mmh;a=commitdiff_plain;h=4c0c2fb7766546cb466f05f76e5febd5d8f682e0;hp=7456ca0a9639bfb73899b721fe66323d90277160

slocal: Don't remove $PATH from env. Now execvp() searches as expected.
Stripping the environment may rather keep the user from doing sensible
things than it increases the security. Maybe we shouldn't strip it at all.
---

diff --git a/uip/slocal.c b/uip/slocal.c
index b619952..7f27226 100644
--- a/uip/slocal.c
+++ b/uip/slocal.c
@@ -1108,6 +1108,7 @@ usr_pipe(int fd, char *cmd, char *pgm, char **vec, int suppress)
 	pid_t child_id;
 	int bytes, seconds, status;
 	struct stat st;
+	char *path;
 
 	if (verbose && !suppress) {
 		verbose_printf("delivering to pipe \"%s\"", cmd);
@@ -1144,10 +1145,12 @@ usr_pipe(int fd, char *cmd, char *pgm, char **vec, int suppress)
 		/* put in own process group */
 		setpgid((pid_t) 0, getpid());
 
+		path = getenv("PATH");
 		*environ = NULL;
 		m_putenv("USER", pw->pw_name);
 		m_putenv("HOME", pw->pw_dir);
 		m_putenv("SHELL", pw->pw_shell);
+		m_putenv("PATH", path);
 
 		execvp(pgm, vec);
 		_exit(-1);