Wow, I can't believe this obvious (and surely easy to fix!) bug is still not fixed! After having skimmed the libgksu code though, I'm not surprised -- it does call-outs to the shell all over the place. Obviously a very bad idea:
tmp = g_strdup_printf ("%s list %s | " "head -1 | awk '{ print $3 }'", xauth_bin, display); if ((xauth_output = popen (tmp, "r")) == NULL)
--------
cmd[i] = g_strdup ("/bin/su"); i++; if (context->login_shell) { cmd[i] = g_strdup ("-"); i++; } cmd[i] = g_strdup (context->user); i++; if (context->keep_env) { cmd[i] = g_strdup ("-p"); i++; } cmd[i] = g_strdup ("-c"); i++;
/* needs to get X authorization prior to running the program */ cmd[i] = g_strdup_printf ("%s \"%s\"", auxcommand, context->command); i++;
cmd[i] = NULL;
/* executes the command */ if (execv (cmd[0], cmd) == -1) { fprintf (stderr, "Unable to run /bin/su: %s", strerror(errno)); }
-----------
Such a terrible practice. When is someone going to write "exec() considered harmful"?
Wow, I can't believe this obvious (and surely easy to fix!) bug is still not fixed! After having skimmed the libgksu code though, I'm not surprised -- it does call-outs to the shell all over the place. Obviously a very bad idea:
tmp = g_strdup_printf ("%s list %s | "
"head -1 | awk '{ print $3 }'",
xauth_ bin,
display) ;
if ((xauth_output = popen (tmp, "r")) == NULL)
--------
cmd[i] = g_strdup ("/bin/su"); i++; >login_ shell)
if (context-
{
cmd[i] = g_strdup ("-"); i++;
}
cmd[i] = g_strdup (context->user); i++;
if (context->keep_env)
{
cmd[i] = g_strdup ("-p"); i++;
}
cmd[i] = g_strdup ("-c"); i++;
/* needs to get X authorization prior to running the program */
context- >command) ; i++;
cmd[i] = g_strdup_printf ("%s \"%s\"", auxcommand,
cmd[i] = NULL;
/* executes the command */
"Unable to run /bin/su: %s",
strerror( errno)) ;
if (execv (cmd[0], cmd) == -1)
{
fprintf (stderr,
}
-----------
Such a terrible practice. When is someone going to write "exec() considered harmful"?