From 55adb00203fcb35df767868a02d6bcaea86092f5 Mon Sep 17 00:00:00 2001
From: tedu
Date: Mon, 17 Jun 2019 16:01:26 +0000
Subject: [PATCH] always reset the "su" variables, which is more consistent and predictable. ok martijn millert
---
 doas.conf.5 | 8 ++++++++
 env.c | 24 +++++++++++------------
 2 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/doas.conf.5 b/doas.conf.5
index 8fd700b..c9ea1b8 100644
--- a/doas.conf.5
+++ b/doas.conf.5
@@ -54,6 +54,14 @@ The default is to reset the environment, except for the variables
 .Ev DISPLAY
 and
 .Ev TERM .
+The variables
+.Ev HOME ,
+.Ev LOGNAME ,
+.Ev PATH ,
+.Ev SHELL ,
+and
+.Ev USER
+are always reset.
 .It Ic setenv { Oo Ar variable ... Oc Oo Ar variable=value ... Oc Ic }
 In addition to the variables mentioned above, keep the space-separated
 specified variables.
diff --git a/env.c b/env.c
index c0f3837..f1fe45f 100644
--- a/env.c
+++ b/env.c
@@ -86,6 +86,10 @@ static struct env *
 createenv(const struct rule *rule, const struct passwd *mypw,
 const struct passwd *targpw)
 {
+ static const char *copyset[] = {
+ "DISPLAY", "TERM",
+ NULL
+ };
 struct env *env;
 u_int i;

@@ -96,6 +100,13 @@ createenv(const struct rule *rule, const struct passwd *mypw,
 env->count = 0;

 addnode(env, "DOAS_USER", mypw->pw_name);
+ addnode(env, "HOME", targpw->pw_dir);
+ addnode(env, "LOGNAME", targpw->pw_name);
+ addnode(env, "PATH", getenv("PATH"));
+ addnode(env, "SHELL", targpw->pw_shell);
+ addnode(env, "USER", targpw->pw_name);
+
+ fillenv(env, copyset);

 if (rule->options & KEEPENV) {
 extern char **environ;
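Review bot: The promise that HOME, LOGNAME, PATH, SHELL and USER are "always reset" now depends on the added `addnode()` calls in the `-96,6 +100,13` hunk running before the `KEEPENV` copy of `environ`, and no comment in the new code records that ordering requirement. The copy loop's body is outside the visible lines (only its tail, `env->count++;`, shows in the last hunk), so whether an earlier insert wins over a later duplicate cannot be confirmed here; if it does, a comment above the block such as `/* must precede the keepenv copy so the caller's HOME/LOGNAME/PATH/SHELL/USER cannot replace these */` would keep a later reorder from silently undoing the reset. Separately, `addnode(env, "PATH", getenv("PATH"))` is now reached for keepenv rules as well: `getenv()` may return NULL (how `addnode` treats a NULL value is not shown), and the value is whatever PATH the process holds at that point, although doas.conf.5 now documents PATH as reset. A guard such as `const char *path = getenv("PATH"); if (path != NULL) addnode(env, "PATH", path);`, plus a comment naming where PATH is sanitised, would cover both. createenv() begins and ends outside this hunk.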
@@ -125,19 +136,6 @@ createenv(const struct rule *rule, const struct passwd *mypw,
 env->count++;
 }
 }
- } else {
- static const char *copyset[] = {
- "DISPLAY", "TERM",
- NULL
- };
-
- addnode(env, "HOME", targpw->pw_dir);
- addnode(env, "LOGNAME", targpw->pw_name);
- addnode(env, "PATH", getenv("PATH"));
- addnode(env, "SHELL", targpw->pw_shell);
- addnode(env, "USER", targpw->pw_name);
-
- fillenv(env, copyset);
 }

 return env;
-- 
2.39.2