[uClibc] Adapted unsecvars patch
Peter S. Mazinger
ps.m at gmx.net
Wed Oct 6 07:56:12 UTC 2004
Hello!
Here is the modified unsecvars patch that applies to cvs.
Peter
--
Peter S. Mazinger <ps dot m at gmx dot net> ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08 BB6E C389 975E A5F0 59F2
____________________________________________________________________
Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a FreeStarttol.
Probald ki most! http://www.freestart.hu
-------------- next part --------------
? include/unsecvars.h
Index: ldso/ldso/ldso.c
===================================================================
RCS file: /var/cvs/uClibc/ldso/ldso/ldso.c,v
retrieving revision 1.121
diff -u -b -B -w -p -r1.121 ldso.c
--- ldso/ldso/ldso.c 8 Sep 2004 09:43:24 -0000 1.121
+++ ldso/ldso/ldso.c 21 Sep 2004 05:33:40 -0000
@@ -31,6 +31,7 @@
#include "ldso.h"
+#include "unsecvars.h"
#define ALLOW_ZERO_PLTGOT
@@ -325,11 +326,21 @@ void _dl_get_ready_to_run(struct elf_res
_dl_preload = _dl_getenv("LD_PRELOAD", envp);
_dl_library_path = _dl_getenv("LD_LIBRARY_PATH", envp);
} else {
+ static const char unsecure_envvars[] =
+#ifdef EXTRA_UNSECURE_ENVVARS
+ EXTRA_UNSECURE_ENVVARS
+#endif
+ UNSECURE_ENVVARS;
+ const char *nextp;
_dl_secure = 1;
- _dl_preload = _dl_getenv("LD_PRELOAD", envp);
- _dl_unsetenv("LD_AOUT_PRELOAD", envp);
- _dl_unsetenv("LD_LIBRARY_PATH", envp);
- _dl_unsetenv("LD_AOUT_LIBRARY_PATH", envp);
+
+ nextp = unsecure_envvars;
+ do {
+ _dl_unsetenv (nextp, envp);
+ /* We could use rawmemchr but this need not be fast. */
+ nextp = (char *) _dl_strchr(nextp, '\0') + 1;
+ } while (*nextp != '\0');
+ _dl_preload = NULL;
_dl_library_path = NULL;
}
-------------- next part --------------
/*
* Environment variable to be removed for SUID programs. The names are all
* stuffed in a single string which means they have to be terminated with a
* '\0' explicitly.
*/
#define UNSECURE_ENVVARS \
"LD_AOUT_PRELOAD\0" \
"LD_AOUT_LIBRARY_PATH\0" \
"LD_PRELOAD\0" \
"LD_LIBRARY_PATH\0" \
"LD_DEBUG\0" \
"LD_DEBUG_OUTPUT\0" \
"HOSTALIASES\0" \
"LOCALDOMAIN\0" \
"RES_OPTIONS\0" \
"TMPDIR\0"
/*
* These environment variables are defined by glibc but ignored in
* uClibc, but may very well have an equivalent in uClibc.
*
* MALLOC_TRACE, RESOLV_HOST_CONF, TZDIR, GCONV_PATH, LD_USE_LOAD_BIAS,
* LD_PROFILE, LD_ORIGIN_PATH, LOCPATH, NLSPATH
*/
More information about the uClibc
mailing list