[systemd-devel] [PATCH] path-lookup: use secure_getenv()
Ronny Chevalier
chevalier.ronny at gmail.com
Sun Mar 15 04:36:57 PDT 2015
2015-03-15 3:27 GMT+01:00 Shawn Landden <shawn at churchofgit.com>:
> All these except user_data_home_dir() are certainly vectors for
> arbitrary code execution. These should use secure_getenv()
> ---
Hi,
I don't see why secure_getenv() is appropriate here? These functions
are never used in the libraries systemd provides, they are mostly used
by systemctl and the dbus manager. Can you provide more details?
> src/shared/path-lookup.c | 20 ++++++++++----------
> 1 file changed, 10 insertions(+), 10 deletions(-)
>
> diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
> index fbf46cd..0fb86df 100644
> --- a/src/shared/path-lookup.c
> +++ b/src/shared/path-lookup.c
> @@ -33,7 +33,7 @@ int user_config_home(char **config_home) {
> const char *e;
> char *r;
>
> - e = getenv("XDG_CONFIG_HOME");
> + e = secure_getenv("XDG_CONFIG_HOME");
> if (e) {
> r = strappend(e, "/systemd/user");
> if (!r)
> @@ -44,7 +44,7 @@ int user_config_home(char **config_home) {
> } else {
> const char *home;
>
> - home = getenv("HOME");
> + home = secure_getenv("HOME");
> if (home) {
> r = strappend(home, "/.config/systemd/user");
> if (!r)
> @@ -62,7 +62,7 @@ int user_runtime_dir(char **runtime_dir) {
> const char *e;
> char *r;
>
> - e = getenv("XDG_RUNTIME_DIR");
> + e = secure_getenv("XDG_RUNTIME_DIR");
> if (e) {
> r = strappend(e, "/systemd/user");
> if (!r)
> @@ -83,13 +83,13 @@ static int user_data_home_dir(char **dir, const char *suffix) {
> * suggests because we assume that that is a link to
> * /etc/systemd/ anyway. */
>
> - e = getenv("XDG_DATA_HOME");
> + e = secure_getenv("XDG_DATA_HOME");
> if (e)
> res = strappend(e, suffix);
> else {
> const char *home;
>
> - home = getenv("HOME");
> + home = secure_getenv("HOME");
> if (home)
> res = strjoin(home, "/.local/share", suffix, NULL);
> else
> @@ -146,7 +146,7 @@ static char** user_dirs(
> if (user_runtime_dir(&runtime_dir) < 0)
> return NULL;
>
> - e = getenv("XDG_CONFIG_DIRS");
> + e = secure_getenv("XDG_CONFIG_DIRS");
> if (e) {
> config_dirs = strv_split(e, ":");
> if (!config_dirs)
> @@ -157,7 +157,7 @@ static char** user_dirs(
> if (r < 0)
> return NULL;
>
> - e = getenv("XDG_DATA_DIRS");
> + e = secure_getenv("XDG_DATA_DIRS");
> if (e)
> data_dirs = strv_split(e, ":");
> else
> @@ -248,7 +248,7 @@ int lookup_paths_init(
>
> /* First priority is whatever has been passed to us via env
> * vars */
> - e = getenv("SYSTEMD_UNIT_PATH");
> + e = secure_getenv("SYSTEMD_UNIT_PATH");
> if (e) {
> if (endswith(e, ":")) {
> e = strndupa(e, strlen(e) - 1);
> @@ -340,7 +340,7 @@ int lookup_paths_init(
> #ifdef HAVE_SYSV_COMPAT
> /* /etc/init.d/ compatibility does not matter to users */
>
> - e = getenv("SYSTEMD_SYSVINIT_PATH");
> + e = secure_getenv("SYSTEMD_SYSVINIT_PATH");
> if (e) {
> p->sysvinit_path = path_split_and_make_absolute(e);
> if (!p->sysvinit_path)
> @@ -358,7 +358,7 @@ int lookup_paths_init(
> return -ENOMEM;
> }
>
> - e = getenv("SYSTEMD_SYSVRCND_PATH");
> + e = secure_getenv("SYSTEMD_SYSVRCND_PATH");
> if (e) {
> p->sysvrcnd_path = path_split_and_make_absolute(e);
> if (!p->sysvrcnd_path)
> --
> 2.2.1.209.g41e5f3a
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
More information about the systemd-devel
mailing list