diff options
author | Jonas Smedegaard <dr@jones.dk> | 2013-02-09 21:17:29 +0100 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2013-03-09 05:35:58 +0100 |
commit | cd0e640970d569712077219d90a705bfa4ccd2d4 (patch) | |
tree | e41e467d242ddff5334176bf4482a3355f5beae6 | |
parent | e02c127f8e2c5001cf90429a2ee3532d7a4e3c76 (diff) |
Preserve (instead of collapse) arguments in su_monkeysphere_user().autoquote
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, but not impossible:
Bourne-derived shells treat single-quoting literally, which means that
shell command arguments (i.e. an array of strings) should be safe to
serialize (dual-quote) using these simple rules:
b) each single-quote inside each string is escaped as '\''
a) each string is surrounded by single-quotes
This patch applies above single-quote serialization for
su_monkeysphere_user(), and adapts ma/update_users $STRICT_MODES on
line 82 to match.
If serialization routine should turn out to be broken, it will
therefore only affect $STRICT_MODES in ma/update_users badly. All other
variables passed through su_monkeysphere_user() should not possibly be
treated any worse than previous non-quoting.
-rw-r--r-- | src/share/common | 8 | ||||
-rw-r--r-- | src/share/ma/update_users | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/src/share/common b/src/share/common index f9be05a..4dd46c8 100644 --- a/src/share/common +++ b/src/share/common @@ -100,15 +100,19 @@ su_monkeysphere_user() { # introduce an extra dependency just for this. This may be a # candidate for re-factoring if we switch implementation languages. + # singlequote-escape strings - like this bashism: + # printf -v CMDLINE "%q " "$@" + local CMDLINE="$(perl -0 -e "foreach (@ARGV) {s/'/'\\\\''/g; print \"'\$_' \"}" "$@")" + case $(id -un) in # if monkeysphere user, run the command under bash "$MONKEYSPHERE_USER") - bash -c "$*" + bash -c "$CMDLINE" ;; # if root, su command as monkeysphere user 'root') - su "$MONKEYSPHERE_USER" -c "$*" + su "$MONKEYSPHERE_USER" -c "$CMDLINE" ;; # otherwise, fail diff --git a/src/share/ma/update_users b/src/share/ma/update_users index 991c302..2066359 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -79,7 +79,7 @@ for uname in $unames ; do # process authorized_user_ids file, as monkeysphere user su_monkeysphere_user \ - . "${SYSSHAREDIR}/process_authorized_user_ids" "'$STRICT_MODES'" - \ + . "${SYSSHAREDIR}/process_authorized_user_ids" "$STRICT_MODES" - \ < "$authorizedUserIDs" \ > "$tmpAuthorizedKeys" |