authorsteve <steve@FreeBSD.org>1996-10-29 03:12:51 +0000
committersteve <steve@FreeBSD.org>1996-10-29 03:12:51 +0000
commitac82f35222ffb550ce85912f86498957f59ce50b (patch)
tree97cdea4e237b2b62bb4b43b1b77a859e45b517fc /bin
parent6a0fb85f4754bfc12c9e49202548159489701554 (diff)
downloadFreeBSD-src-ac82f35222ffb550ce85912f86498957f59ce50b.zip
FreeBSD-src-ac82f35222ffb550ce85912f86498957f59ce50b.tar.gz
Add the -p (privileged) commandline switch
found in bash, zsh, and friends. Reviewed by: joerg
Diffstat (limited to 'bin')
-rw-r--r--bin/sh/main.c9
-rw-r--r--bin/sh/options.c11
-rw-r--r--bin/sh/options.h6
-rw-r--r--bin/sh/sh.113
4 files changed, 31 insertions, 8 deletions
diff --git a/bin/sh/main.c b/bin/sh/main.c
index 13ce050..f392c12 100644
--- a/bin/sh/main.c
+++ b/bin/sh/main.c
@@ -33,7 +33,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: main.c,v 1.7 1996/09/12 02:23:33 bde Exp $
+ * $Id: main.c,v 1.8 1996/09/12 12:41:46 adam Exp $
*/
#ifndef lint
@@ -162,11 +162,14 @@ main(argc, argv)
read_profile("/etc/profile");
state1:
state = 2;
- read_profile(".profile");
+ if (privileged == 0)
+ read_profile(".profile");
+ else
+ read_profile("/etc/suid_profile");
}
state2:
state = 3;
- if (getuid() == geteuid() && getgid() == getegid()) {
+ if (privileged == 0) {
if ((shinit = lookupvar("ENV")) != NULL && *shinit != '\0') {
state = 3;
read_profile(shinit);
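Review bot: Both profile decisions in this hunk now rest on the `privileged` option value alone, whereas the removed `getuid() == geteuid() && getgid() == getegid()` test looked at the actual credentials. The flag can be cleared with `+p` or `+o privileged`, and the drop in options.c discards the results of setuid()/setgid(), so a failed drop would still let `ENV` and `.profile` be read with the elevated ids. Keeping the credential comparison as a second condition is a cheap safeguard: `if (privileged == 0 && getuid() == geteuid() && getgid() == getegid()) {`, and likewise for the `.profile` branch. main() starts and ends outside the hunk.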
diff --git a/bin/sh/options.c b/bin/sh/options.c
index 095c7a9..627c20c 100644
--- a/bin/sh/options.c
+++ b/bin/sh/options.c
@@ -33,7 +33,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: options.c,v 1.6 1995/10/09 17:56:32 joerg Exp $
+ * $Id: options.c,v 1.7 1996/09/01 10:21:16 peter Exp $
*/
#ifndef lint
@@ -92,6 +92,7 @@ procargs(argc, argv)
argptr++;
for (i = 0; i < NOPTS; i++)
optlist[i].val = 2;
+ privileged = (getuid() != geteuid() || getgid() != getegid());
options(1);
if (*argptr == NULL && minusc == NULL)
sflag = 1;
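Review bot: The placement of the `privileged` assignment before `options(1)` is load-bearing but undocumented. The `+p` handling added to options() reads `privileged` to decide whether to reset the ids, so moving this line after the call would silently disable the drop. A one-line comment would record that, e.g. `/* must precede options(1): +p uses this to decide whether to drop ids */`. procargs() continues outside the hunk.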
@@ -184,6 +185,10 @@ options(cmdline)
if (*argptr)
argptr++;
} else {
+ if (c == 'p' && !val && privileged) {
+ (void) setuid(getuid());
+ (void) setgid(getgid());
+ }
setoption(c, val);
}
}
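Review bot: The results of `setuid(getuid())` and `setgid(getgid())` are discarded with `(void)`, yet `setoption(c, val)` clears the flag regardless, so the shell can show privileged mode off while still holding the elevated ids. The user id is also dropped first; where the effective uid was the source of privilege, the later setgid() runs unprivileged and, depending on the platform's semantics, may fail or leave the saved group id in place. Drop the group first and check both calls, e.g. `if (setgid(getgid()) != 0 || setuid(getuid()) != 0)` followed by an error report that leaves the option set. The same four lines are repeated in the minus_o() hunk, so a small static helper called from both places would keep the two in step. options() continues outside the hunk.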
@@ -205,6 +210,10 @@ minus_o(name, val)
} else {
for (i = 0; i < NOPTS; i++)
if (equal(name, optlist[i].name)) {
+ if (!val && privileged && equal(name, "privileged")) {
+ (void) setuid(getuid());
+ (void) setgid(getgid());
+ }
setoption(optlist[i].letter, val);
return;
}
diff --git a/bin/sh/options.h b/bin/sh/options.h
index 33131d3..140c926 100644
--- a/bin/sh/options.h
+++ b/bin/sh/options.h
@@ -34,7 +34,7 @@
* SUCH DAMAGE.
*
* @(#)options.h 8.2 (Berkeley) 5/4/95
- * $Id: options.h,v 1.2 1994/09/24 02:58:05 davidg Exp $
+ * $Id: options.h,v 1.3 1996/09/01 10:21:20 peter Exp $
*/
struct shparam {
@@ -62,8 +62,9 @@ struct shparam {
#define aflag optlist[12].val
#define bflag optlist[13].val
#define uflag optlist[14].val
+#define privileged optlist[15].val
-#define NOPTS 15
+#define NOPTS 16
struct optent {
const char *name;
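Review bot: `privileged` is a bare lowercase macro, unlike its neighbours `aflag`, `bflag` and `uflag`, and it expands to `optlist[15].val` wherever that word appears as an identifier in a file that includes options.h. A name following the existing pattern, `#define pflag optlist[15].val`, would avoid accidentally capturing a local variable or struct member called `privileged`. The index 15 also has to match the position of the new table entry by hand, so a short comment next to `NOPTS` stating that the defines and the `optlist` initializer must stay in the same order would help the next person adding an option.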
@@ -88,6 +89,7 @@ struct optent optlist[NOPTS] = {
{ "allexport", 'a', 0 },
{ "notify", 'b', 0 },
{ "nounset", 'u', 0 },
+ { "privileged", 'p', 0 },
};
#else
extern struct optent optlist[NOPTS];
diff --git a/bin/sh/sh.1 b/bin/sh/sh.1
index 7be1828..3a3843e 100644
--- a/bin/sh/sh.1
+++ b/bin/sh/sh.1
@@ -33,14 +33,14 @@
.\" SUCH DAMAGE.
.\"
.\" @(#)sh.1 8.6 (Berkeley) 5/4/95
-.\" $Id: sh.1,v 1.7 1996/09/01 10:21:39 peter Exp $
+.\" $Id: sh.1,v 1.8 1996/09/03 14:15:59 peter Exp $
.\"
.na
.TH SH 1
.SH NAME
sh \- command interpreter (shell)
.SH SYNOPSIS
-sh [-/+aCefnuvxIimsVEb] [-/+o longname] [arg ...]
+sh [-/+aCefnpuvxIimsVEb] [-/+o longname] [arg ...]
.SH DESCRIPTION
.LP
Sh is the standard command interpreter for the system.
@@ -159,6 +159,15 @@ If not interactive, read commands but do not
execute them. This is useful for checking the
syntax of shell scripts.
.TP
+-p privileged
+Turn on privileged mode. This mode is enabled on startup
+if either the effective user or group id is not equal to the
+real user or group id. Turning this mode off sets the
+effective user and group ids to the real user and group ids.
+Also on interactive shells and when enabled, this mode sources
+/etc/suid_profile (instead of ~/.profile) after /etc/profile
+and ignores the contents of the \fBENV\fP variable.
+.TP
-u nounset
Write a message to standard error when attempting
to expand a variable that is not set, and if the