[systemd-devel] [PATCH] path-lookup: use secure_getenv()

Colin Walters walters at verbum.org
Mon Mar 16 11:55:50 PDT 2015

On Mon, Mar 16, 2015, at 02:31 PM, Ronny Chevalier wrote:

> I think it would hurt in a SELinux environment. Because if the
> AT_SECURE flag is set, secure_getenv will return NULL and tools like
> systemctl will fail for certain tasks.

Yeah, beware the possible regressions here, see e.g.:

Last time I looked at this I ended up deciding it was the responsibility of setuid binaries to whitelist their environment.  Libraries may choose to use secure_getenv() from the start, but *changing* an existing library that way also changes the semantics of all setuid binaries using it, and needs evaluation.
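An added example, not part of the message above or of systemd: one way a setuid program could whitelist its own environment before doing anything else. The names `ALLOWED`, `entry_is` and `filter_env` and the allowlist contents are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical allowlist for this example; a real program chooses its own. */
static const char *const ALLOWED[] = { "LANG", "TERM", "TZ", NULL };

/* Return 1 if entry is "NAME=value" with NAME exactly equal to name. */
static int entry_is(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

/* Copy into out[] only the envp entries whose name is on the allowlist.
 * Entries without '=' are dropped and only the first occurrence of a name
 * is kept, so a later duplicate cannot shadow it. out[] is NULL-terminated.
 * Returns the number kept, or (size_t)-1 if out[] is too small. */
size_t filter_env(char *const *envp, const char *const *allow,
                  char **out, size_t out_cap)
{
    size_t kept = 0;
    if (out_cap == 0)
        return (size_t)-1;
    for (; *envp != NULL; envp++) {
        for (const char *const *a = allow; *a != NULL; a++) {
            if (!entry_is(*envp, *a))
                continue;
            int dup = 0;
            for (size_t i = 0; i < kept; i++)
                dup |= entry_is(out[i], *a);
            if (!dup && kept + 1 >= out_cap)
                return (size_t)-1;
            if (!dup)
                out[kept++] = *envp;
            break;
        }
    }
    out[kept] = NULL;
    return kept;
}

int main(void)
{
    /* Constructed sample environment, not taken from the thread. */
    char *sample[] = { "LANG=C", "LD_PRELOAD=/tmp/x.so", "TERM=xterm",
                       "LANG=second", "TZ", "TERMINFO=/tmp", NULL };
    char *clean[8];
    size_t n = filter_env(sample, ALLOWED, clean, sizeof clean / sizeof *clean);
    for (size_t i = 0; i < n; i++)
        puts(clean[i]);
}
```

The filtered array is what such a program would pass on as the `envp` argument of `execve()`, or use to rebuild its own environment, so that libraries calling plain `getenv()` only ever see vetted variables.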
