Hi Matt,

Received the attached patch from Raphael Hertzog <hert...@debian.org> at
https://bugs.debian.org/903403 .  You wrote in the bug report that you'd
apply the patch upstream but maybe that fell off-screen?  Forwarding to
the list for more visibility anyway. :-)

Cheers,
-- 
Guilhem.
--- a/default_options.h
+++ b/default_options.h
@@ -291,5 +291,6 @@ be overridden at runtime with -I. 0 disa
 
 /* The default path. This will often get replaced by the shell */
 #define DEFAULT_PATH "/usr/bin:/bin"
+#define DEFAULT_ROOT_PATH "/usr/sbin:/usr/bin:/sbin:/bin"
 
 #endif /* DROPBEAR_DEFAULT_OPTIONS_H_ */
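
Review bot: the new DEFAULT_ROOT_PATH define has no comment of its own, and the existing comment above DEFAULT_PATH ("The default path. This will often get replaced by the shell") does not say when the second value applies. Add a one-line comment stating that this PATH is used for sessions running as uid 0, so anyone overriding DEFAULT_PATH knows there is a second value to review. It is also worth noting in that comment that the sbin directories are searched ahead of their bin counterparts in "/usr/sbin:/usr/bin:/sbin:/bin", since that ordering decides which binary wins when a name exists in both.
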
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -961,7 +961,11 @@ static void execchild(const void *user_d
 	addnewvar("LOGNAME", ses.authstate.pw_name);
 	addnewvar("HOME", ses.authstate.pw_dir);
 	addnewvar("SHELL", get_user_shell());
-	addnewvar("PATH", DEFAULT_PATH);
+	if (getuid() == 0) {
+	    addnewvar("PATH", DEFAULT_ROOT_PATH); 
+	} else {
+	    addnewvar("PATH", DEFAULT_PATH); 
+	}
 	if (chansess->term != NULL) {
 		addnewvar("TERM", chansess->term);
 	}
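
Review bot: the `getuid() == 0` test in execchild() selects the PATH from the process's real uid, while the neighbouring LOGNAME and HOME variables are taken from ses.authstate. This is only correct if the child has already switched to the authenticated user before this point, which the hunk does not show. If that switch happens later, every session would receive DEFAULT_ROOT_PATH. Either confirm the ordering in the commit message or key the decision off the authenticated user's uid held in ses.authstate, so the check does not depend on where the privilege change sits in the function. Style: the two added addnewvar() lines are indented with a tab plus four spaces and carry a trailing space after the semicolon, whereas the surrounding code uses tabs only.
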
