From eb22dee79cacf9abab1c8f5cef6acf7e64689584 Mon Sep 17 00:00:00 2001 From: Corey Hinshaw Date: Sun, 10 Feb 2019 20:41:04 -0500 Subject: [PATCH] Remove allowed shell check from swayrun Because swayrun should be run from a safe environment, validating the user's shell against /etc/shells seems unnecessary. --- swayrun/main.c | 36 ++---------------------------------- swayrun/meson.build | 2 -- swayrun/swayrun.1.scd | 11 +++-------- 3 files changed, 5 insertions(+), 44 deletions(-) diff --git a/swayrun/main.c b/swayrun/main.c index f8ffd9e86..3ffe0a00d 100644 --- a/swayrun/main.c +++ b/swayrun/main.c @@ -1,48 +1,16 @@ -#define _POSIX_C_SOURCE 200809L // for getline +#define _POSIX_C_SOURCE 200809L #include -#include #include #include #include #include -#include "stringop.h" #define SWAY_COMMAND "sway" -char allowed_shell(char *shell) { - FILE *fp; - char *line = NULL; - size_t len = 0; - char allowed = false; - - if (strstr(shell, "false") != NULL || strstr(shell, "nologin") != NULL) { - return false; - } - - fp = fopen("/etc/shells", "r"); - if (fp == NULL) { - return true; - } - - while (getline(&line, &len, fp) != -1) { - strip_whitespace(line); - if (strcmp(shell, line) == 0) { - allowed = true; - break; - } - } - - fclose(fp); - if (line) { - free(line); - } - return allowed; -} - int main(int argc, char **argv) { char *shell = getenv("SHELL"); - if (shell && allowed_shell(shell)) { + if (shell) { // 3 exec arguments + argc + argv[argc] NULL pointer int exec_argc = 4 + argc; char **exec_argv = malloc(exec_argc * sizeof(char*)); diff --git a/swayrun/meson.build b/swayrun/meson.build index 5ad98bc84..bbf682b1a 100644 --- a/swayrun/meson.build +++ b/swayrun/meson.build @@ -1,7 +1,5 @@ executable( 'swayrun', 'main.c', - include_directories: [sway_inc], - link_with: [lib_sway_common], install: true ) diff --git a/swayrun/swayrun.1.scd b/swayrun/swayrun.1.scd index e8f84fd9e..44a917fde 100644 --- a/swayrun/swayrun.1.scd +++ b/swayrun/swayrun.1.scd @@ -11,16 +11,11 @@ _swayrun_ [options...] [command] # DESCRIPTION Attempts to run *sway*(1) via the user's login shell. This allows environment -configuration and other login actions, for example when run via a login manager. +configuration and other login actions, for example when run via a display manager. All arguments to swayrun will be passed through unaltered to sway. -If a valid login shell cannot be determined, sway will be executed normally. - -# CONFIGURATION - -swayrun will consult */etc/shells* if it exists for a list of valid login -shells. In addition, *false* and *nologin* will be considered invalid shells. +If a login shell cannot be determined, sway will be executed normally. # ENVIRONMENT @@ -31,4 +26,4 @@ _SHELL_ # SEE -*sway*(1) *shells*(5) +*sway*(1)