delete restricted ed. no one will ever use this. never documented or enabled.

ok millert@

diff --git a/bin/ed/Makefile b/bin/ed/Makefile
index c1c5b03..6e64181 100644 (file)
--- a/bin/ed/Makefile
+++ b/bin/ed/Makefile
@@ -1,10 +1,7 @@
-#      $OpenBSD: Makefile,v 1.10 2014/04/14 22:12:01 tedu Exp $
+#      $OpenBSD: Makefile,v 1.11 2014/05/24 01:35:55 daniel Exp $
 
 PROG=  ed
 CFLAGS+=-DBACKWARDS
 SRCS=   buf.c glbl.c io.c main.c re.c sub.c undo.c
 
-#LINKS=  ${BINDIR}/ed ${BINDIR}/red
-#MLINKS= ed.1 red.1
-
 .include <bsd.prog.mk>

diff --git a/bin/ed/POSIX b/bin/ed/POSIX
index d0e7342..1cd2afc 100644 (file)
--- a/bin/ed/POSIX
+++ b/bin/ed/POSIX
@@ -1,4 +1,4 @@
-$OpenBSD: POSIX,v 1.7 2014/04/20 09:29:36 deraadt Exp $
+$OpenBSD: POSIX,v 1.8 2014/05/24 01:35:55 daniel Exp $
 $NetBSD: POSIX,v 1.9 1995/03/21 09:04:32 cgd Exp $
 
 This version of ed(1) is not strictly POSIX compliant, as described in
@@ -41,10 +41,6 @@ EXTENSIONS
    rest of the line is interpreted as a shell command, and no escape
    processing is performed by ed.
 
-4) For SunOS ed(1) compatibility, ed runs in restricted mode if invoked
-   as red.  This limits editing of files in the local directory only and
-   prohibits shell commands.
-
 DEVIATIONS
 ----------
 1) Though ed is not a stream editor, it can be used to edit binary files.

diff --git a/bin/ed/main.c b/bin/ed/main.c
index 539c2e3..4494d42 100644 (file)
--- a/bin/ed/main.c
+++ b/bin/ed/main.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: main.c,v 1.38 2014/04/14 23:19:51 jmc Exp $   */
+/*     $OpenBSD: main.c,v 1.39 2014/05/24 01:35:55 daniel Exp $        */
 /*     $NetBSD: main.c,v 1.3 1995/03/21 09:04:44 cgd Exp $     */
 
 /* main.c: This file contains the main control and user-interface routines
@@ -73,7 +73,6 @@ int isbinary;                 /* if set, buffer contains ASCII NULs */
 int isglobal;                  /* if set, doing a global command */
 int modified;                  /* if set, buffer modified since last write */
 int mutex = 0;                 /* if set, signals set "sigflags" */
-int red = 0;                   /* if set, restrict shell/directory access */
 int scripted = 0;              /* if set, suppress diagnostics */
 int sigflags = 0;              /* if set, signals received while mutex set */
 int interactive = 0;           /* if set, we are in interactive mode */
@@ -107,7 +106,6 @@ main(volatile int argc, char ** volatile argv)
 
        home = getenv("HOME");
 
-       red = (n = strlen(argv[0])) > 2 && argv[0][n - 3] == 'r';
 top:
        while ((c = getopt(argc, argv, "p:sx")) != -1)
                switch (c) {
@@ -169,7 +167,7 @@ top:
        } else {
                init_buffers();
                sigactive = 1;                  /* enable signal handlers */
-               if (argc && **argv && is_legal_filename(*argv)) {
+               if (argc && **argv) {
                        if (read_file(*argv, 0) < 0 && !interactive)
                                quit(2);
                        else if (**argv != '!')
@@ -980,7 +978,7 @@ get_filename(void)
        for (n = 0; *ibufp != '\n';)
                file[n++] = *ibufp++;
        file[n] = '\0';
-       return is_legal_filename(file) ? file : NULL;
+       return file;
 }
 
 
@@ -996,10 +994,7 @@ get_shell_command(void)
        int i = 0;
        int j = 0;
 
-       if (red) {
-               seterrmsg("shell access restricted");
-               return ERR;
-       } else if ((s = ibufp = get_extended_line(&j, 1)) == NULL)
+       if ((s = ibufp = get_extended_line(&j, 1)) == NULL)
                return ERR;
        REALLOC(buf, n, j + 1, ERR);
        buf[i++] = '!';                 /* prefix command w/ bang */
@@ -1430,15 +1425,3 @@ handle_winch(int signo)
        }
        errno = save_errno;
 }
-
-
-/* is_legal_filename: return a legal filename */
-int
-is_legal_filename(char *s)
-{
-       if (red && (*s == '!' || !strcmp(s, "..") || strchr(s, '/'))) {
-               seterrmsg("shell access restricted");
-               return 0;
-       }
-       return 1;
-}