Skip to content

Commit f57ec7e

Browse files
TheDcoderTheDcoder
committed
Add DEFAULT_PATH
`DEFAULT_PATH` replaces `safepath` for setting the `PATH` variable in the executed process's environment. `DEFAULT_PATH` follows the de-facto standard of Linux distributions which place `/usr/local` directories before their non-local counterparts in $PATH. Unlike BSD, Linux distributions don't put packaged executables under `/usr/local`, instead it is used by the local user to place their own executables, potentially to replace system executables.
1 parent b96106b commit f57ec7e

File tree

2 files changed

+11
-4
lines changed

2 files changed

+11
-4
lines changed

configure

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,8 @@ usage: configure [options]
3030
3131
--uid-max=NUM set UID_MAX (default 65535)
3232
--gid-max=NUM set GID_MAX (default 65535)
33+
34+
--default-path=PATH set default PATH for executed environment
3335
3436
--help, -h display this help and exit
3537
EOF
@@ -40,6 +42,7 @@ EOF
4042
WITHOUT_TIMESTAMP=yes
4143
UID_MAX=65535
4244
GID_MAX=65535
45+
DEFAULT_PATH="/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin"
4346

4447
for x; do
4548
opt=${x%%=*}
@@ -64,6 +67,7 @@ for x; do
6467
--without-timestamp) WITHOUT_TIMESTAMP=yes ;;
6568
--uid-max) UID_MAX=$var ;;
6669
--gid-max) UID_MAX=$var ;;
70+
--default-path) DEFAULT_PATH=$var ;;
6771
--help|-h) usage ;;
6872
*) die "Error: unknown option $opt" ;;
6973
esac
@@ -104,6 +108,9 @@ fi
104108

105109
OS_CFLAGS="-D__${OS}__"
106110

111+
printf 'Setting DEFAULT_PATH\t\t\t%s.\n' "$DEFAULT_PATH" >&2
112+
printf '#define DEFAULT_PATH "%s"\n' "$DEFAULT_PATH" >>$CONFIG_H
113+
107114
case "$OS" in
108115
linux)
109116
printf 'Setting UID_MAX\t\t\t\t%d.\n' "$UID_MAX" >&2

doas.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -397,8 +397,8 @@ main(int argc, char **argv)
397397
err(1, "initgroups");
398398
if (setresuid(target, target, target) != 0)
399399
err(1, "setresuid");
400-
if (setenv("PATH", safepath, 1) == -1)
401-
err(1, "failed to set PATH '%s'", safepath);
400+
if (setenv("PATH", DEFAULT_PATH, 1) == -1)
401+
err(1, "failed to set PATH '%s'", DEFAULT_PATH);
402402
#endif
403403

404404
if (getcwd(cwdpath, sizeof(cwdpath)) == NULL)
@@ -416,8 +416,8 @@ main(int argc, char **argv)
416416

417417
/* setusercontext set path for the next process, so reset it for us */
418418
if (rule->cmd) {
419-
if (setenv("PATH", safepath, 1) == -1)
420-
err(1, "failed to set PATH '%s'", safepath);
419+
if (setenv("PATH", DEFAULT_PATH, 1) == -1)
420+
err(1, "failed to set PATH '%s'", DEFAULT_PATH);
421421
} else {
422422
if (setenv("PATH", formerpath, 1) == -1)
423423
err(1, "failed to set PATH '%s'", formerpath);

0 commit comments

Comments
 (0)