crontab-access: replace with wrapper, rename to crontab-access-real.

The wrapper has two purposes:
1. Not being a script, thereby eliminating the issues with setuid scripts.
2. Purging the environment. crontab-access-real has no need for any
   environment variables to do its work, so to prevent tampering with dynamic
   linker, libc, or guile, we may as well just unset them all.

This wrapper does introduce a requirement for a C compiler. Ideally it would
be conditional based on whether the wrapper is even going to be built, but
autoconf doesn't like that one bit. Someone with more experience with
autotools should sort that out. In the meantime I guess anyone wanting to
build without a C compiler being present is going to have to edit configure.ac
and re-run bootstrap.

* src/crontab-access.in: renamed to src/crontab-access-real.in
* src/crontab-access.c.in: new file, wrapper for crontab-access-real.
* Makefile.am: inform about crontab-access.c.in and name change to
  crontab-access-real. Put crontab-access-real in libexecdir.

2 files changed, 10 insertions, 0 deletions

diff --git a/src/crontab-access.in b/src/crontab-access-real.in
index 569d147..569d147 100644
--- a/src/crontab-access.in
+++ b/src/crontab-access-real.in
diff --git a/src/crontab-access.c.in b/src/crontab-access.c.in
new file mode 100644
index 0000000..652b9cc
--- /dev/null
+++ b/src/crontab-access.c.in
@@ -0,0 +1,10 @@
+#include <unistd.h>
+
+int main(int argc, char **argv)
+{
+  char *envp = NULL;
+  execve("%libexecdir%/crontab-access-real",
+         argv, &envp);
+  /* Should not get here! */
+  return 1;
+}