diff options
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index c335ef13d..fe9118580 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -771,18 +771,15 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { | |||
771 | 771 | ||
772 | } | 772 | } |
773 | 773 | ||
774 | |||
775 | |||
776 | char *guess_shell(void) { | 774 | char *guess_shell(void) { |
777 | char *shell = NULL; | 775 | char *shell = NULL; |
778 | struct stat s; | 776 | struct stat s; |
779 | 777 | ||
780 | shell = getenv("SHELL"); | 778 | shell = getenv("SHELL"); |
781 | if (shell) { | 779 | if (shell) { |
782 | // TODO: handle rogue shell variables? | 780 | invalid_filename(shell, 0); // no globbing |
783 | if (stat(shell, &s) == 0 && access(shell, R_OK) == 0) { | 781 | if (!is_dir(shell) && strstr(shell, "..") == NULL && stat(shell, &s) == 0 && access(shell, X_OK) == 0) |
784 | return shell; | 782 | return shell; |
785 | } | ||
786 | } | 783 | } |
787 | 784 | ||
788 | // shells in order of preference | 785 | // shells in order of preference |
@@ -791,7 +788,7 @@ char *guess_shell(void) { | |||
791 | int i = 0; | 788 | int i = 0; |
792 | while (shells[i] != NULL) { | 789 | while (shells[i] != NULL) { |
793 | // access call checks as real UID/GID, not as effective UID/GID | 790 | // access call checks as real UID/GID, not as effective UID/GID |
794 | if (stat(shells[i], &s) == 0 && access(shells[i], R_OK) == 0) { | 791 | if (stat(shells[i], &s) == 0 && access(shells[i], X_OK) == 0) { |
795 | shell = shells[i]; | 792 | shell = shells[i]; |
796 | break; | 793 | break; |
797 | } | 794 | } |
@@ -2142,12 +2139,12 @@ int main(int argc, char **argv) { | |||
2142 | char *shellpath; | 2139 | char *shellpath; |
2143 | if (asprintf(&shellpath, "%s%s", cfg.chrootdir, cfg.shell) == -1) | 2140 | if (asprintf(&shellpath, "%s%s", cfg.chrootdir, cfg.shell) == -1) |
2144 | errExit("asprintf"); | 2141 | errExit("asprintf"); |
2145 | if (access(shellpath, R_OK)) { | 2142 | if (access(shellpath, X_OK)) { |
2146 | fprintf(stderr, "Error: cannot access shell file in chroot\n"); | 2143 | fprintf(stderr, "Error: cannot access shell file in chroot\n"); |
2147 | exit(1); | 2144 | exit(1); |
2148 | } | 2145 | } |
2149 | free(shellpath); | 2146 | free(shellpath); |
2150 | } else if (access(cfg.shell, R_OK)) { | 2147 | } else if (access(cfg.shell, X_OK)) { |
2151 | fprintf(stderr, "Error: cannot access shell file\n"); | 2148 | fprintf(stderr, "Error: cannot access shell file\n"); |
2152 | exit(1); | 2149 | exit(1); |
2153 | } | 2150 | } |