From 4c0c2fb7766546cb466f05f76e5febd5d8f682e0 Mon Sep 17 00:00:00 2001
From: markus schnalke <meillo@marmaro.de>
Date: Thu, 22 Mar 2012 08:49:57 +0100
Subject: [PATCH 1/1] slocal: Don't remove $PATH from env. Now execvp()
 searches as expected. Stripping the environment may
 rather keep the user from doing sensible things than it
 increases the security. Maybe we shouldn't strip it at
 all.

---
 uip/slocal.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/uip/slocal.c b/uip/slocal.c
index b619952..7f27226 100644
--- a/uip/slocal.c
+++ b/uip/slocal.c
@@ -1108,6 +1108,7 @@ usr_pipe(int fd, char *cmd, char *pgm, char **vec, int suppress)
 	pid_t child_id;
 	int bytes, seconds, status;
 	struct stat st;
+	char *path;
 
 	if (verbose && !suppress) {
 		verbose_printf("delivering to pipe \"%s\"", cmd);
@@ -1144,10 +1145,12 @@ usr_pipe(int fd, char *cmd, char *pgm, char **vec, int suppress)
 		/* put in own process group */
 		setpgid((pid_t) 0, getpid());
 
+		path = getenv("PATH");
 		*environ = NULL;
 		m_putenv("USER", pw->pw_name);
 		m_putenv("HOME", pw->pw_dir);
 		m_putenv("SHELL", pw->pw_shell);
+		m_putenv("PATH", path);
 
 		execvp(pgm, vec);
 		_exit(-1);
-- 
1.7.10.4