misc-progs: Call unpriv_system commands in a shell

Reported-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/misc-progs/setuid.c b/src/misc-progs/setuid.c
index efd181ad8c51beb0e709dc4da0a5ac3a0a482436..8044742f2d9278ed93cf7ac6b239df2efb4cb4d9 100644 (file)
--- a/src/misc-progs/setuid.c
+++ b/src/misc-progs/setuid.c
@@ -144,7 +144,14 @@ int safe_system(char* command) {
 /* Much like safe_system but lets you specify a non-root uid and gid to run
  * the command as */
 int unpriv_system(char* command, uid_t uid, gid_t gid) {
-       return system_core(command, NULL, uid, gid, "unpriv_system");
+       char* argv[4] = {
+               "/bin/sh",
+               "-c",
+               command,
+               NULL,
+       };
+
+       return system_core(argv[0], argv, uid, gid, "unpriv_system");
 }
 
 /* General routine to initialise a setuid root program, and put the