Allow path-bound builtins on restricted shells

If a system administrator prefixes /opt/ast/bin to the path and then invokes the shell in restricted mode, they clearly intend for the user to run those AST utilities. Similarly, if a system administrator sets a PATH for a restricted shell that includes libraries listed in the .paths file, they must have intended for the user to use those loadable built-ins, as they will be associated with the pathnames of their respective libraries. Since the user cannot change PATH or use the builtin command, they still cannot load just any built-in they choose. src/cmd/ksh93/sh/path.c: - Remove SH_RESTRICTED check when handling path-bound builtins or dynamic libaries containining builtins in $PATH. src/cmd/ksh93/tests/builtins.sh: - Add test verifying a restricted user can use /opt/ast/bin/cat via a PATH search. Progresses: https://github.com/ksh93/ksh/issues/138
2025-03-09 15:50:02 +00:00 · 2021-04-08 14:39:30 +01:00 · 2021-04-08 14:39:30 +01:00 · 2e5b625915
commit 2e5b625915
parent 0cd8646361
4 changed files with 21 additions and 2 deletions
--- a/5
+++ b/5
@ -3,6 +3,11 @@ For full details, see the git log at: https://github.com/ksh93/ksh

 Any uppercase BUG_* names are modernish shell bug IDs.

+2021-04-08:
+
+- Path-bound builtins will now be used by restricted shells if /opt/ast/bin
+  is in the $PATH upon invoking the shell or before setting it to restricted.
+
 2021-04-07:

 - The $LC_TIME variable is now recognized by ksh and if set to an invalid