4 files changed, 53 insertions, 4 deletions
diff --git a/configs/mingw32_defconfig b/configs/mingw32_defconfig
index 31f72a450..4918b2f4f 100644
--- a/configs/mingw32_defconfig
+++ b/configs/mingw32_defconfig
@@ -708,6 +708,8 @@ CONFIG_XXD=y
 CONFIG_REV=y
 # CONFIG_RTCWAKE is not set
 CONFIG_DROP=y
+CONFIG_CDROP=y
+CONFIG_PDROP=y
 # CONFIG_SCRIPT is not set
 # CONFIG_SCRIPTREPLAY is not set
 # CONFIG_SETARCH is not set
diff --git a/configs/mingw64_defconfig b/configs/mingw64_defconfig
index b5b02ba63..96e407644 100644
--- a/configs/mingw64_defconfig
+++ b/configs/mingw64_defconfig
@@ -708,6 +708,8 @@ CONFIG_XXD=y
 CONFIG_REV=y
 # CONFIG_RTCWAKE is not set
 CONFIG_DROP=y
+CONFIG_CDROP=y
+CONFIG_PDROP=y
 # CONFIG_SCRIPT is not set
 # CONFIG_SCRIPTREPLAY is not set
 # CONFIG_SETARCH is not set
diff --git a/miscutils/drop.c b/miscutils/drop.c
index 3e71f6180..f73125e1b 100644
--- a/miscutils/drop.c
+++ b/miscutils/drop.c
@@ -13,9 +13,27 @@
 //config:       help
 //config:       Run a command without elevated privileges
+//config:config CDROP
+//config:       bool "cdrop"
+//config:       default y
+//config:       depends on PLATFORM_MINGW32 && SH_IS_ASH
+//config:       help
+//config:       Run a command without elevated privileges using cmd.exe
+//config:config PDROP
+//config:       bool "pdrop"
+//config:       default y
+//config:       depends on PLATFORM_MINGW32 && SH_IS_ASH
+//config:       help
+//config:       Run a command without elevated privileges using PowerShell
 //applet:IF_DROP(APPLET(drop, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_CDROP(APPLET_ODDNAME(cdrop, drop, BB_DIR_USR_BIN, BB_SUID_DROP, cdrop))
+//applet:IF_PDROP(APPLET_ODDNAME(pdrop, drop, BB_DIR_USR_BIN, BB_SUID_DROP, pdrop))
 //kbuild:lib-$(CONFIG_DROP) += drop.o
+//kbuild:lib-$(CONFIG_CDROP) += drop.o
+//kbuild:lib-$(CONFIG_PDROP) += drop.o
 //usage:#define drop_trivial_usage
 //usage:        "[COMMAND | -c [ARG...]]"
@@ -23,6 +41,18 @@
 //usage:        "Drop elevated privileges and run a command. If no COMMAND\n"
 //usage:        "is provided run the BusyBox shell.\n"
+//usage:#define cdrop_trivial_usage
+//usage:        "[COMMAND | /c [ARG...]]"
+//usage:#define cdrop_full_usage "\n\n"
+//usage:        "Drop elevated privileges and run a command. If no COMMAND\n"
+//usage:        "is provided run cmd.exe.\n"
+//usage:#define pdrop_trivial_usage
+//usage:        "[COMMAND | -c [ARG...]]"
+//usage:#define pdrop_full_usage "\n\n"
+//usage:        "Drop elevated privileges and run a command. If no COMMAND\n"
+//usage:        "is provided run PowerShell.\n"
 #include "libbb.h"
 #include <winsafer.h>
 #include <lazyload.h>
@@ -69,9 +99,24 @@ int drop_main(int argc, char **argv)
                                                sizeof(TOKEN_MANDATORY_LABEL))) {
                        int skip = 1;
-                        if (argc == 1 || strcmp(argv[1], "-c") == 0) {
+                        if (argc == 1 || strcmp(argv[1], "-c") == 0
-                                exe = bb_busybox_exec_path;
+                                                IF_CDROP(|| strcmp(argv[1], "/c") == 0)) {
-                                cmd = xstrdup("sh");
+#if ENABLE_PDROP
+                                if (*applet_name == 'p') {
+                                        exe = "C:/Windows/System32/WindowsPowerShell/v1.0/powershell.exe";
+                                        cmd = xstrdup("powershell");
+                                } else
+#endif
+#if ENABLE_CDROP
+                                if (*applet_name == 'c') {
+                                        exe = "C:/Windows/System32/cmd.exe";
+                                        cmd = xstrdup("cmd");
+                                } else
+#endif
+                                {
+                                        exe = bb_busybox_exec_path;
+                                        cmd = xstrdup("sh");
+                                }
                                skip = 0;
                        } else {
                                char *file;
diff --git a/win32/mingw.c b/win32/mingw.c
index 1fdb8cad9..011bc5ffb 100644
--- a/win32/mingw.c
+++ b/win32/mingw.c
@@ -1136,7 +1136,7 @@ char *get_user_name(void)
        return user_name;
 }
-#if ENABLE_DROP
+#if ENABLE_DROP || ENABLE_CDROP || ENABLE_PDROP
 /*
 * When runuser drops privileges TokenIsElevated still returns TRUE.
 * Use other means to determine if we're actually unprivileged.

diff --git a/configs/mingw32_defconfig b/configs/mingw32_defconfig index 31f72a450..4918b2f4f 100644 --- a/configs/mingw32_defconfig +++ b/configs/mingw32_defconfig
@@ -708,6 +708,8 @@ CONFIG_XXD=y
708	CONFIG_REV=y	708	CONFIG_REV=y
709	# CONFIG_RTCWAKE is not set	709	# CONFIG_RTCWAKE is not set
710	CONFIG_DROP=y	710	CONFIG_DROP=y
		711	CONFIG_CDROP=y
		712	CONFIG_PDROP=y
711	# CONFIG_SCRIPT is not set	713	# CONFIG_SCRIPT is not set
712	# CONFIG_SCRIPTREPLAY is not set	714	# CONFIG_SCRIPTREPLAY is not set
713	# CONFIG_SETARCH is not set	715	# CONFIG_SETARCH is not set


diff --git a/configs/mingw64_defconfig b/configs/mingw64_defconfig index b5b02ba63..96e407644 100644 --- a/configs/mingw64_defconfig +++ b/configs/mingw64_defconfig
@@ -708,6 +708,8 @@ CONFIG_XXD=y
708	CONFIG_REV=y	708	CONFIG_REV=y
709	# CONFIG_RTCWAKE is not set	709	# CONFIG_RTCWAKE is not set
710	CONFIG_DROP=y	710	CONFIG_DROP=y
		711	CONFIG_CDROP=y
		712	CONFIG_PDROP=y
711	# CONFIG_SCRIPT is not set	713	# CONFIG_SCRIPT is not set
712	# CONFIG_SCRIPTREPLAY is not set	714	# CONFIG_SCRIPTREPLAY is not set
713	# CONFIG_SETARCH is not set	715	# CONFIG_SETARCH is not set


diff --git a/miscutils/drop.c b/miscutils/drop.c index 3e71f6180..f73125e1b 100644 --- a/miscutils/drop.c +++ b/miscutils/drop.c
@@ -13,9 +13,27 @@
13	//config: help	13	//config: help
14	//config: Run a command without elevated privileges	14	//config: Run a command without elevated privileges
15		15
		16	//config:config CDROP
		17	//config: bool "cdrop"
		18	//config: default y
		19	//config: depends on PLATFORM_MINGW32 && SH_IS_ASH
		20	//config: help
		21	//config: Run a command without elevated privileges using cmd.exe
		22
		23	//config:config PDROP
		24	//config: bool "pdrop"
		25	//config: default y
		26	//config: depends on PLATFORM_MINGW32 && SH_IS_ASH
		27	//config: help
		28	//config: Run a command without elevated privileges using PowerShell
		29
16	//applet:IF_DROP(APPLET(drop, BB_DIR_USR_BIN, BB_SUID_DROP))	30	//applet:IF_DROP(APPLET(drop, BB_DIR_USR_BIN, BB_SUID_DROP))
		31	//applet:IF_CDROP(APPLET_ODDNAME(cdrop, drop, BB_DIR_USR_BIN, BB_SUID_DROP, cdrop))
		32	//applet:IF_PDROP(APPLET_ODDNAME(pdrop, drop, BB_DIR_USR_BIN, BB_SUID_DROP, pdrop))
17		33
18	//kbuild:lib-$(CONFIG_DROP) += drop.o	34	//kbuild:lib-$(CONFIG_DROP) += drop.o
		35	//kbuild:lib-$(CONFIG_CDROP) += drop.o
		36	//kbuild:lib-$(CONFIG_PDROP) += drop.o
19		37
20	//usage:#define drop_trivial_usage	38	//usage:#define drop_trivial_usage
21	//usage: "[COMMAND \| -c [ARG...]]"	39	//usage: "[COMMAND \| -c [ARG...]]"
@@ -23,6 +41,18 @@
23	//usage: "Drop elevated privileges and run a command. If no COMMAND\n"	41	//usage: "Drop elevated privileges and run a command. If no COMMAND\n"
24	//usage: "is provided run the BusyBox shell.\n"	42	//usage: "is provided run the BusyBox shell.\n"
25		43
		44	//usage:#define cdrop_trivial_usage
		45	//usage: "[COMMAND \| /c [ARG...]]"
		46	//usage:#define cdrop_full_usage "\n\n"
		47	//usage: "Drop elevated privileges and run a command. If no COMMAND\n"
		48	//usage: "is provided run cmd.exe.\n"
		49
		50	//usage:#define pdrop_trivial_usage
		51	//usage: "[COMMAND \| -c [ARG...]]"
		52	//usage:#define pdrop_full_usage "\n\n"
		53	//usage: "Drop elevated privileges and run a command. If no COMMAND\n"
		54	//usage: "is provided run PowerShell.\n"
		55
26	#include "libbb.h"	56	#include "libbb.h"
27	#include <winsafer.h>	57	#include <winsafer.h>
28	#include <lazyload.h>	58	#include <lazyload.h>
@@ -69,9 +99,24 @@ int drop_main(int argc, char **argv)
69	sizeof(TOKEN_MANDATORY_LABEL))) {	99	sizeof(TOKEN_MANDATORY_LABEL))) {
70	int skip = 1;	100	int skip = 1;
71		101
72	if (argc == 1 \|\| strcmp(argv[1], "-c") == 0) {	102	if (argc == 1 \|\| strcmp(argv[1], "-c") == 0
73	exe = bb_busybox_exec_path;	103	IF_CDROP(\|\| strcmp(argv[1], "/c") == 0)) {
74	cmd = xstrdup("sh");	104	#if ENABLE_PDROP
		105	if (*applet_name == 'p') {
		106	exe = "C:/Windows/System32/WindowsPowerShell/v1.0/powershell.exe";
		107	cmd = xstrdup("powershell");
		108	} else
		109	#endif
		110	#if ENABLE_CDROP
		111	if (*applet_name == 'c') {
		112	exe = "C:/Windows/System32/cmd.exe";
		113	cmd = xstrdup("cmd");
		114	} else
		115	#endif
		116	{
		117	exe = bb_busybox_exec_path;
		118	cmd = xstrdup("sh");
		119	}
75	skip = 0;	120	skip = 0;
76	} else {	121	} else {
77	char *file;	122	char *file;


diff --git a/win32/mingw.c b/win32/mingw.c index 1fdb8cad9..011bc5ffb 100644 --- a/win32/mingw.c +++ b/win32/mingw.c
@@ -1136,7 +1136,7 @@ char *get_user_name(void)
1136	return user_name;	1136	return user_name;
1137	}	1137	}
1138		1138
1139	#if ENABLE_DROP	1139	#if ENABLE_DROP \|\| ENABLE_CDROP \|\| ENABLE_PDROP
1140	/*	1140	/*
1141	* When runuser drops privileges TokenIsElevated still returns TRUE.	1141	* When runuser drops privileges TokenIsElevated still returns TRUE.
1142	* Use other means to determine if we're actually unprivileged.	1142	* Use other means to determine if we're actually unprivileged.