questions about pkexec
Matthew Miller
mattdm at mattdm.org
Fri Dec 11 09:54:54 PST 2009
On Fri, Dec 11, 2009 at 12:45:18PM -0500, David Zeuthen wrote:
> LANG
> LANGUAGE
> LC_ALL
> LC_MESSAGES
> SHELL
> TERM
> We could validate the contents of these environment variables - do you
> have any attack vectors in mind that people could abuse if we didn't? Do
> you know if su(1) and sudo(8) validates such variables?
Sudo does, in a rudimentary way. Anything in the env_check list is removed
if the value contains a % or a / character. The default list treated this
way is:
TERM
LINGUAS
LC_*
LANGUAGE
LANG
COLORTERM
Additionally, the following variables are kept by default:
LOGNAME
SHELL
USER
USERNAME
SUDO_*
and others are generally added to the list in the sudoers config file
(DISPLAY, COLORS, TZ, and more).
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
More information about the polkit-devel
mailing list