[systemd-devel] [PATCH] path-lookup: use secure_getenv()
Lennart Poettering
lennart at poettering.net
Sun Mar 22 20:56:44 PDT 2015
On Sat, 14.03.15 19:27, Shawn Landden (shawn at churchofgit.com) wrote:
> All these except user_data_home_dir() are certainly vectors for
> arbitrary code execution. These should use secure_getenv()
Nah.
We should use secure_getenv() in code that will end up in a suid
binary and in code that suid binaries might make use of. I really
don't see how either of these cases might apply here, since the code
is only called internally in our code and we don't have suid binaries.
A longer time ago I went through all invocations of getenv() and
checked whether they should be secure_getenv() instead, fixed them,
and I don't think that much changed since.
Anyway, it might be that some of our newer invocations of getenv()
should use secure_getenv() instead, but I am not aware of any and the
ones you pointed out don't qualify.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list