[uClibc] Adapted unsecvars patch

Peter S. Mazinger ps.m at gmx.net
Wed Oct 6 07:56:12 UTC 2004


Hello!

Here is the modified unsecvars patch that applies to cvs.

Peter

-- 
Peter S. Mazinger <ps dot m at gmx dot net>           ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2

____________________________________________________________________
Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a FreeStarttol.
Probald ki most! http://www.freestart.hu
-------------- next part --------------
? include/unsecvars.h
Index: ldso/ldso/ldso.c
===================================================================
RCS file: /var/cvs/uClibc/ldso/ldso/ldso.c,v
retrieving revision 1.121
diff -u -b -B -w -p -r1.121 ldso.c
--- ldso/ldso/ldso.c	8 Sep 2004 09:43:24 -0000	1.121
+++ ldso/ldso/ldso.c	21 Sep 2004 05:33:40 -0000
@@ -31,6 +31,7 @@
 
 
 #include "ldso.h"
+#include "unsecvars.h"
 
 #define ALLOW_ZERO_PLTGOT
 
@@ -325,11 +326,21 @@ void _dl_get_ready_to_run(struct elf_res
 		_dl_preload = _dl_getenv("LD_PRELOAD", envp);
 		_dl_library_path = _dl_getenv("LD_LIBRARY_PATH", envp);
 	} else {
+		static const char unsecure_envvars[] =
+#ifdef EXTRA_UNSECURE_ENVVARS
+			EXTRA_UNSECURE_ENVVARS
+#endif
+			UNSECURE_ENVVARS;
+		const char *nextp;
 		_dl_secure = 1;
-		_dl_preload = _dl_getenv("LD_PRELOAD", envp);
-		_dl_unsetenv("LD_AOUT_PRELOAD", envp);
-		_dl_unsetenv("LD_LIBRARY_PATH", envp);
-		_dl_unsetenv("LD_AOUT_LIBRARY_PATH", envp);
+
+		nextp = unsecure_envvars;
+		do {
+			_dl_unsetenv (nextp, envp);
+			/* We could use rawmemchr but this need not be fast.  */
+			nextp = (char *) _dl_strchr(nextp, '\0') + 1;
+		} while (*nextp != '\0');
+		_dl_preload = NULL;
 		_dl_library_path = NULL;
 	}
 
-------------- next part --------------
/* 
 * Environment variable to be removed for SUID programs.  The names are all
 * stuffed in a single string which means they have to be terminated with a
 * '\0' explicitly.
 */

#define UNSECURE_ENVVARS		\
	"LD_AOUT_PRELOAD\0"		\
	"LD_AOUT_LIBRARY_PATH\0"	\
	"LD_PRELOAD\0"			\
 	"LD_LIBRARY_PATH\0"		\
	"LD_DEBUG\0"			\
	"LD_DEBUG_OUTPUT\0"		\
	"HOSTALIASES\0"			\
	"LOCALDOMAIN\0"			\
	"RES_OPTIONS\0"			\
	"TMPDIR\0"

/* 
 * These environment variables are defined by glibc but ignored in
 * uClibc, but may very well have an equivalent in uClibc.
 *
 * MALLOC_TRACE, RESOLV_HOST_CONF, TZDIR, GCONV_PATH, LD_USE_LOAD_BIAS,
 * LD_PROFILE, LD_ORIGIN_PATH, LOCPATH, NLSPATH
 */



More information about the uClibc mailing list