diff options
| author | nicm <nicm> | 2015-10-31 08:13:58 +0000 |
|---|---|---|
| committer | nicm <nicm> | 2015-10-31 08:13:58 +0000 |
| commit | 01defc9f4965bb174e1d1295754d5a8695683054 (patch) | |
| tree | 6f8095583d6176dffe130d6ff3b5dbc3f0e3150d /cmd-new-session.c | |
| parent | 45f3cea263d1f99912cd6b353c91ccb872c26a71 (diff) | |
| download | rtmux-01defc9f4965bb174e1d1295754d5a8695683054.tar.gz rtmux-01defc9f4965bb174e1d1295754d5a8695683054.tar.bz2 rtmux-01defc9f4965bb174e1d1295754d5a8695683054.zip | |
Because pledge(2) does not allow us to pass directory file descriptors
around, we can't use file descriptors for the working directory because
we will be unable to pass it to a privileged process to tell it where to
read or write files or spawn children. So move tmux back to using
strings for the current working directory. We try to check it exists
with access() when it is set but ultimately fall back to ~ if it fails
at time of use (or / if that fails too).
Diffstat (limited to 'cmd-new-session.c')
| -rw-r--r-- | cmd-new-session.c | 39 |
1 files changed, 16 insertions, 23 deletions
diff --git a/cmd-new-session.c b/cmd-new-session.c index 7b637bc6..90bb2e0e 100644 --- a/cmd-new-session.c +++ b/cmd-new-session.c @@ -63,10 +63,9 @@ cmd_new_session_exec(struct cmd *self, struct cmd_q *cmdq) struct environ *env; struct termios tio, *tiop; const char *newname, *target, *update, *errstr, *template; - const char *path; + const char *path, *cwd, *to_free; char **argv, *cmd, *cause, *cp; - int detached, already_attached, idx, cwd, fd = -1; - int argc; + int detached, already_attached, idx, argc; u_int sx, sy; struct format_tree *ft; struct environ_entry *envent; @@ -118,32 +117,26 @@ cmd_new_session_exec(struct cmd *self, struct cmd_q *cmdq) already_attached = 1; /* Get the new session working directory. */ + to_free = NULL; if (args_has(args, 'c')) { ft = format_create(); format_defaults(ft, cmd_find_client(cmdq, NULL, 1), NULL, NULL, NULL); - cp = format_expand(ft, args_get(args, 'c')); + to_free = cwd = format_expand(ft, args_get(args, 'c')); format_free(ft); - if (cp != NULL && *cp != '\0') { - fd = open(cp, O_RDONLY|O_DIRECTORY); - free(cp); - if (fd == -1) { - cmdq_error(cmdq, "bad working directory: %s", - strerror(errno)); - return (CMD_RETURN_ERROR); - } - } else - free(cp); - cwd = fd; + if (access(cwd, X_OK) != 0) { + free((void *)cwd); + cmdq_error(cmdq, "bad working directory: %s", + strerror(errno)); + return (CMD_RETURN_ERROR); + } } else if (c != NULL && c->session == NULL) cwd = c->cwd; else if ((c0 = cmd_find_client(cmdq, NULL, 1)) != NULL) cwd = c0->session->cwd; - else { - fd = open(".", O_RDONLY); - cwd = fd; - } + else + cwd = "."; /* * If this is a new client, check for nesting and save the termios @@ -311,12 +304,12 @@ cmd_new_session_exec(struct cmd *self, struct cmd_q *cmdq) if (!detached) cmdq->client_exit = 0; - if (fd != -1) - close(fd); + if (to_free != NULL) + free((void *)to_free); return (CMD_RETURN_NORMAL); error: - if (fd != -1) - close(fd); + if (to_free != NULL) + free((void *)to_free); return (CMD_RETURN_ERROR); } |