mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-03-09 15:50:02 +00:00

Remove ineffective check for login shell; require -p for suid/sgid

In main.c:

158:		if(sh.ppid==1)
159:			sh.login_sh++;

If that was ever valid, it certainly is not now. As far as I know,
there is no currently existing system where PID 1 (init or systemd
or whatever) is the parent shell of the login shell, even straight
after bootup; login shells are invoked via a program like login(1).
Plus, there is no guarantee the init process actually has PID 1.

This invalidates all use of login_sh that couldn't be replaced by
checks for the login_shell option, so this commit does just that.

src/cmd/ksh93/include/shell.h:
- Remove login_sh flag.

src/cmd/ksh93/sh/init.c:
- If a login shell was detected, just set the login_shell option.
- Remove obsolete check for #! setuid scripts. This was meant to
  guard against a symlink called '-i' to a setuid script with a
  hashbang path, which used to give users a root shell. All modern
  Unixes ignore the setuid bit when they detect a hashbang path.

src/cmd/ksh93/SHOPT.sh:
- By default, let's require the -p/--privileged invocation option
  for the setuid/setgid bit on the shell binary to be respected,
  for all user IDs (>= 0). This is what bash and mksh do, and
  it seems sensible. (See init.c 1475-1483)
Martijn Dekker 2022-07-21 03:16:15 +02:00
parent 948fab26aa
commit 8264d2089a
10 changed files with 8 additions and 24 deletions


@ -194,8 +194,7 @@ static void hist_touch(void *handle)
/*
* open the history file
* if HISTNAME is not given and userid==0 then no history file.
* if login_sh and HISTFILE is longer than HIST_MAX bytes then it is
* cleaned up.
* if HISTFILE is longer than HIST_MAX bytes then it is cleaned up.
* hist_open() returns 1, if history file is open
*/
int sh_histinit(void)
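Review bot: the rewritten comment line above sh_histinit() now says the history file is cleaned up whenever HISTFILE is longer than HIST_MAX, with the login_sh condition gone, but this hunk only shows the comment changing. Please confirm that the condition in the function body was changed to match. If the cleanup previously ran only for login shells and is now unconditional, every shell invocation can rewrite the history file, which deserves a mention in the commit message. While this comment is being touched, two neighbouring lines could be fixed as well: it names the variable HISTNAME on one line and HISTFILE on the next, and it says "hist_open() returns 1" although the function it documents is sh_histinit().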