diff options
Diffstat (limited to 'guts')
-rw-r--r-- | guts/execl.c | 4 | ||||
-rw-r--r-- | guts/execle.c | 4 | ||||
-rw-r--r-- | guts/execv.c | 12 | ||||
-rw-r--r-- | guts/execve.c | 6 | ||||
-rw-r--r-- | guts/execvp.c | 8 |
5 files changed, 25 insertions, 9 deletions
diff --git a/guts/execl.c b/guts/execl.c index d7b477c..ca2df70 100644 --- a/guts/execl.c +++ b/guts/execl.c @@ -3,7 +3,7 @@ * guts/COPYRIGHT for information. * * static int - * wrap_execl(const char *path, const char *arg, va_list ap) { + * wrap_execl(const char *file, const char *arg, va_list ap) { * int rc = -1; */ @@ -33,7 +33,7 @@ } } - rc = wrap_execv (path, (char *const *) argv); + rc = wrap_execv (file, (char *const *) argv); free (argv); diff --git a/guts/execle.c b/guts/execle.c index 13fbfb9..5b44d78 100644 --- a/guts/execle.c +++ b/guts/execle.c @@ -3,7 +3,7 @@ * guts/COPYRIGHT for information. * * static int - * wrap_execle(const char *path, const char *arg, va_list ap) { + * wrap_execle(const char *file, const char *arg, va_list ap) { * int rc = -1; */ @@ -35,7 +35,7 @@ } envp = va_arg (ap, char *const *); - rc = wrap_execve (path, (char *const *) argv, envp); + rc = wrap_execve (file, (char *const *) argv, envp); free (argv); diff --git a/guts/execv.c b/guts/execv.c index 8183442..cc37e0a 100644 --- a/guts/execv.c +++ b/guts/execv.c @@ -3,9 +3,17 @@ * guts/COPYRIGHT for information. * * static int - * wrap_execv(const char *path, char *const *argv) { + * wrap_execv(const char *file, char *const *argv) { * int rc = -1; */ + /* note: we don't canonicalize this, because we are intentionally + * NOT redirecting execs into the chroot environment. If you try + * to execute /bin/sh, you get the actual /bin/sh, not + * <CHROOT>/bin/sh. This allows use of basic utilities. This + * design will likely be revisited. + */ + pseudo_client_op(OP_EXEC, PSA_EXEC, -1, -1, file, 0); + if (!pseudo_get_value("PSEUDO_RELOADED")) pseudo_setupenv(); else { @@ -17,7 +25,7 @@ * not much we can do about that. */ sigprocmask(SIG_SETMASK, &pseudo_saved_sigmask, NULL); - rc = real_execv(path, argv); + rc = real_execv(file, argv); /* return rc; * } diff --git a/guts/execve.c b/guts/execve.c index da407f5..36d4bfd 100644 --- a/guts/execve.c +++ b/guts/execve.c @@ -3,7 +3,7 @@ * guts/COPYRIGHT for information. * * static int - * wrap_execve(const char *filename, char *const *argv, char *const *envp) { + * wrap_execve(const char *file, char *const *argv, char *const *envp) { * int rc = -1; */ char * const *new_environ; @@ -13,7 +13,7 @@ * <CHROOT>/bin/sh. This allows use of basic utilities. This * design will likely be revisited. */ - pseudo_client_op(OP_EXEC, PSA_EXEC, -1, -1, filename, 0); + pseudo_client_op(OP_EXEC, PSA_EXEC, -1, -1, file, 0); if (!pseudo_get_value("PSEUDO_RELOADED")) new_environ = pseudo_setupenvp(envp); else { @@ -25,7 +25,7 @@ * not much we can do about that. */ sigprocmask(SIG_SETMASK, &pseudo_saved_sigmask, NULL); - rc = real_execve(filename, argv, new_environ); + rc = real_execve(file, argv, new_environ); /* return rc; * } diff --git a/guts/execvp.c b/guts/execvp.c index 8f0baa4..67eaff0 100644 --- a/guts/execvp.c +++ b/guts/execvp.c @@ -7,6 +7,14 @@ * int rc = -1; */ + /* note: we don't canonicalize this, because we are intentionally + * NOT redirecting execs into the chroot environment. If you try + * to execute /bin/sh, you get the actual /bin/sh, not + * <CHROOT>/bin/sh. This allows use of basic utilities. This + * design will likely be revisited. + */ + pseudo_client_op(OP_EXEC, PSA_EXEC, -1, -1, file, 0); + if (!pseudo_get_value("PSEUDO_RELOADED")) pseudo_setupenv(); else { |