shell: Inherit UID and GID if no login check

Use the UID and GID of the executing user for the real and effective UID
and GID of the shell task in case no login check is present.  This
prevents privilege escalation via shell scripts.

cpukit/libmisc/shell/shell.c

@@ -838,6 +838,12 @@ bool rtems_shell_main_loop(
         if (shell_env->login_check != NULL) {
           result = rtems_shell_login(shell_env, stdin,stdout);
         } else {
+          setuid(shell_env->uid);
+          setgid(shell_env->gid);
+          seteuid(shell_env->uid);
+          setegid(shell_env->gid);
+          rtems_current_user_env_getgroups();
+
           result = true;
         }
       }
@@ -1010,6 +1016,8 @@ static rtems_status_code rtems_shell_run (
   shell_env->output_append = output_append;
   shell_env->wake_on_end   = wake_on_end;
   shell_env->login_check   = login_check;
+  shell_env->uid           = getuid();
+  shell_env->gid           = getgid();
 
   getcwd(shell_env->cwd, sizeof(shell_env->cwd));
 

cpukit/libmisc/shell/shell.h

@@ -17,6 +17,7 @@
 #ifndef __RTEMS_SHELL_H__
 #define __RTEMS_SHELL_H__
 
+#include <sys/types.h>
 #include <rtems.h>
 #include <stdio.h>
 #include <termios.h>
@@ -199,6 +200,18 @@ typedef struct {
   bool output_append;
   rtems_id wake_on_end;
   rtems_shell_login_check_t login_check;
+
+  /**
+   * @brief The real and effective UID of the shell task in case no login check
+   * is present.
+   */
+  uid_t uid;
+
+  /**
+   * @brief The real and effective GID of the shell task in case no login check
+   * is present.
+   */
+  gid_t gid;
 } rtems_shell_env_t;
 
 bool rtems_shell_main_loop(