Make sure the environment variables set by setusercontext() are passed on

to the child process. Reviewed by: ache Sponsored by: DARPA, NAI Labs
svn path=/head/; revision=99055
2025-01-01 12:19:28 +00:00 · 2002-06-29 11:21:58 +00:00 · 2002-06-29 11:21:58 +00:00 · c62005fc13 · 2020-12-20 02:59:44 +00:00
commit c62005fc13
parent bf2e2524a2
1 changed files with 23 additions and 9 deletions
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@ -34,6 +34,7 @@

 #include "includes.h"
 RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $");
+RCSID("$FreeBSD$");

 #include "ssh.h"
 #include "ssh1.h"
@ -931,6 +932,10 @@ do_setup_env(Session *s, const char *shell)
 	char buf[256];
 	u_int i, envsize;
 	char **env;
+#ifdef HAVE_LOGIN_CAP
+	extern char **environ;
+	char **senv, **var;
+#endif
 	struct passwd *pw = s->pw;

 	/* Initialize the environment. */
@ -946,14 +951,29 @@ do_setup_env(Session *s, const char *shell)
 	copy_environment(environ, &env, &envsize);
 #endif

+	if (getenv("TZ"))
+		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 	if (!options.use_login) {
 		/* Set basic environment. */
 		child_set_env(&env, &envsize, "USER", pw->pw_name);
 		child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
 		child_set_env(&env, &envsize, "HOME", pw->pw_dir);
+		snprintf(buf, sizeof buf, "%.200s/%.50s",
+			 _PATH_MAILDIR, pw->pw_name);
+		child_set_env(&env, &envsize, "MAIL", buf);
 #ifdef HAVE_LOGIN_CAP
-		(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
-		child_set_env(&env, &envsize, "PATH", getenv("PATH"));
+		child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
+		child_set_env(&env, &envsize, "TERM", "su");
+		senv = environ;
+		environ = xmalloc(sizeof(char *));
+		*environ = NULL;
+		(void) setusercontext(lc, pw, pw->pw_uid,
+		    LOGIN_SETENV|LOGIN_SETPATH);
+		copy_environment(environ, &env, &envsize);
+		for (var = environ; *var != NULL; ++var)
+			xfree(*var);
+		xfree(environ);
+		environ = senv;
 #else /* HAVE_LOGIN_CAP */
 # ifndef HAVE_CYGWIN
 		/*
@ -971,15 +991,9 @@ do_setup_env(Session *s, const char *shell)
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */

-		snprintf(buf, sizeof buf, "%.200s/%.50s",
-			 _PATH_MAILDIR, pw->pw_name);
-		child_set_env(&env, &envsize, "MAIL", buf);
-
 		/* Normal systems set SHELL by default. */
 		child_set_env(&env, &envsize, "SHELL", shell);
 	}
-	if (getenv("TZ"))
-		child_set_env(&env, &envsize, "TZ", getenv("TZ"));

 	/* Set custom environment options from RSA authentication. */
 	if (!options.use_login) {
@ -1162,7 +1176,7 @@ do_setusercontext(struct passwd *pw)
 #endif /* HAVE_SETPCRED */
 #ifdef HAVE_LOGIN_CAP
 		if (setusercontext(lc, pw, pw->pw_uid,
-		    (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
+		    (LOGIN_SETALL & ~(LOGIN_SETENV|LOGIN_SETPATH))) < 0) {
 			perror("unable to set user context");
 			exit(1);
 		}