ksh does a little dance to try and gift history files to their original owner
if it's somehow running as a different user. this of course only works as
root, and is probably a terrible idea.
ksh should simply refuse to open a history file that's owned by somebody else.
Index: history.c
===================================================================
RCS file: /cvs/src/bin/ksh/history.c,v
retrieving revision 1.45
diff -u -p -r1.45 history.c
--- history.c 8 Oct 2015 15:54:59 -0000 1.45
+++ history.c 8 Oct 2015 16:00:10 -0000
@@ -619,6 +619,7 @@ hist_init(Source *s)
unsigned char *base;
int lines;
int fd;
+ struct stat sb;
if (Flag(FTALKING) == 0)
return;
@@ -636,6 +637,10 @@ hist_init(Source *s)
/* we have a file and are interactive */
if ((fd = open(hname, O_RDWR|O_CREAT|O_APPEND, 0600)) < 0)
return;
+ if (fstat(fd, &sb) == -1 || sb.st_uid != getuid()) {
+ close(fd);
+ return;
+ }
histfd = savefd(fd);
if (histfd != fd)
@@ -732,7 +737,6 @@ hist_shrink(unsigned char *oldbase, int
{
int fd;
char nfile[1024];
- struct stat statb;
unsigned char *nbase = oldbase;
int nbytes = oldbytes;
@@ -759,11 +763,6 @@ hist_shrink(unsigned char *oldbase, int
unlink(nfile);
return 1;
}
- /*
- * worry about who owns this file
- */
- if (fstat(histfd, &statb) >= 0)
- fchown(fd, statb.st_uid, statb.st_gid);
close(fd);
/*
