From 0d58fcd2aa1240e96754aaf24665d4d1650e301a Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 7 Feb 2021 16:46:55 +0000
Subject: [PATCH] misc-progs: Call unpriv_system commands in a shell

Reported-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/misc-progs/setuid.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/misc-progs/setuid.c b/src/misc-progs/setuid.c
index efd181ad8c..8044742f2d 100644
--- a/src/misc-progs/setuid.c
+++ b/src/misc-progs/setuid.c
@@ -144,7 +144,14 @@ int safe_system(char* command) {
 /* Much like safe_system but lets you specify a non-root uid and gid to run
  * the command as */
 int unpriv_system(char* command, uid_t uid, gid_t gid) {
-	return system_core(command, NULL, uid, gid, "unpriv_system");
+	char* argv[4] = {
+		"/bin/sh",
+		"-c",
+		command,
+		NULL,
+	};
+
+	return system_core(argv[0], argv, uid, gid, "unpriv_system");
 }
 
 /* General routine to initialise a setuid root program, and put the
-- 
2.39.2