[uClibc] Improved suid handling of environment variables for uClibc

Ned Ludd solar at gentoo.org
Tue Sep 21 05:56:18 UTC 2004


Patch based on glibc sorta. Improved a bit for uClibc. 
(Peter S. Mazinger and myself put this one together)

Please review.

I compiled and confirmed it works as expected on a native-glibc host and
a native-uclibc host. From that time till sending this mail I've edited
a few of the environment variables a little without testing.

If you know of any variables that should be included but which are not
just add them to the ldso/include/unsecvars.h

Additionally users can define at compile time
-DEXTRA_UNSECURE_ENVVARS="FOO_1\0FOO_2\0FOO_3\0" to add anything
additional else in.

share and enjoy.

-- 
Ned Ludd <solar at gentoo.org>
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldso-unsecvars-cvs.patch
Type: text/x-patch
Size: 1271 bytes
Desc: 
Url : http://lists.busybox.net/pipermail/uclibc/attachments/20040921/8e361de7/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: unsecvars.h
Type: text/x-chdr
Size: 708 bytes
Desc: 
Url : http://lists.busybox.net/pipermail/uclibc/attachments/20040921/8e361de7/attachment.h 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.busybox.net/pipermail/uclibc/attachments/20040921/8e361de7/attachment-0002.pgp 


More information about the uClibc mailing list