+2000-09-26 Thorsten Kukuk <kukuk@suse.de>
+
+ * nscd/dbg_log.c (dbg_log): Add missing format string.
+
2000-09-26 Ulrich Drepper <drepper@redhat.com>
+ * catgets/catgets.c (catopen): Use getenv instead of __secure_getenv
+ since we filter out the variable once.
+ * iconv/gconv_conf.c (__gconv_get_path): Likewise.
+ * locale/newlocale.c (__newlocale): Likewise.
+ * locale/setlocale.c (setlocale): Likewise.
+ * malloc/malloc.c (ptmalloc_init): Likewise.
+ * resolv/res_hconf.c (_res_hconf_init): Likewise.
+ * resolv/res_init.c (__res_vinit): Likewise.
+ * time/tzfile.c (__tzfile_read): Likewise.
+ * sysdeps/generic/unsecvars.h: New file.
+ * elf/dl-support.c (non_dynamic_init): Use it here to remove variables.
+ * elf/rtld.c (process_envvars): Likewise.
+ * elf/Makefile (distribute): Add unsecvars.h.
+
* misc/daemon.c (daemon): Fail if !noclose and we cannot open the
real /dev/null device.
env_var_len = strlen (env_var) + 1;
- nlspath = __secure_getenv ("NLSPATH");
+ nlspath = getenv ("NLSPATH");
if (nlspath != NULL && *nlspath != '\0')
{
/* Append the system dependent directory. */
testobj1.c testobj2.c testobj3.c testobj4.c testobj5.c \
testobj6.c testobj1_1.c failobj.c unloadmod.c \
ldconfig.h ldconfig.c cache.c readlib.c readelflib.c \
- dep1.c dep2.c dep3.c dep4.c dl-dtprocnum.h \
+ dep1.c dep2.c dep3.c dep4.c dl-dtprocnum.h unsecvars.h \
vismain.c vismod1.c vismod2.c vismod3.c \
constload2.c constload3.c filtmod1.c filtmod2.c \
nodlopenmod.c nodelete.c nodelmod1.c nodelmod2.c \
#include <ldsodefs.h>
#include <dl-machine.h>
#include <bits/libc-lock.h>
+#include <dl-librecon.h>
+#include <unsecvars.h>
extern char *__progname;
char **_dl_argv = &__progname; /* This is checked for some error messages. */
_dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
+ if (__libc_enable_secure)
+ {
+ static const char *unsecure_envvars[] =
+ {
+ UNSECURE_ENVVARS,
+#ifdef EXTRA_UNSECURE_ENVVARS
+ EXTRA_UNSECURE_ENVVARS
+#endif
+ };
+ size_t cnt;
+
+ for (cnt = 0;
+ cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]);
+ ++cnt)
+ unsetenv (unsecure_envvars[cnt]);
+
+ if (__access ("/etc/suid-debug", F_OK) != 0)
+ unsetenv ("MALLOC_CHECK_");
+ }
+
#ifdef DL_PLATFORM_INIT
DL_PLATFORM_INIT;
#endif
#include <bits/libc-lock.h>
#include "dynamic-link.h"
#include "dl-librecon.h"
+#include <unsecvars.h>
#include <assert.h>
{
static const char *unsecure_envvars[] =
{
+ UNSECURE_ENVVARS,
#ifdef EXTRA_UNSECURE_ENVVARS
EXTRA_UNSECURE_ENVVARS
#endif
cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]);
++cnt)
unsetenv (unsecure_envvars[cnt]);
+
+ if (__access ("/etc/suid-debug", F_OK) != 0)
+ unsetenv ("MALLOC_CHECK_");
}
/* The name of the object to profile cannot be empty. */
char *cwd;
size_t cwdlen;
- user_path = __secure_getenv ("GCONV_PATH");
+ user_path = getenv ("GCONV_PATH");
if (user_path == NULL)
{
/* No user-defined path. Make a modifiable copy of the
locale_path = NULL;
locale_path_len = 0;
- locpath_var = __secure_getenv ("LOCPATH");
+ locpath_var = getenv ("LOCPATH");
if (locpath_var != NULL && locpath_var[0] != '\0')
if (__argz_create_sep (locpath_var, ':',
&locale_path, &locale_path_len) != 0)
locale_path = NULL;
locale_path_len = 0;
- locpath_var = __secure_getenv ("LOCPATH");
+ locpath_var = getenv ("LOCPATH");
if (locpath_var != NULL && locpath_var[0] != '\0')
if (__argz_create_sep (locpath_var, ':',
&locale_path, &locale_path_len) != 0)
mALLOPt(M_MMAP_MAX, atoi(s));
}
s = getenv("MALLOC_CHECK_");
- if(s && (! secure || access ("/etc/suid-debug", F_OK) == 0)) {
+ if(s) {
if(s[0]) mALLOPt(M_CHECK_ACTION, (int)(s[0] - '0'));
__malloc_check_init();
}
-/* Copyright (c) 1998 Free Software Foundation, Inc.
+/* Copyright (c) 1998, 2000 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998.
else
{
snprintf (msg, sizeof (msg), "%d: %s", getpid (), msg2);
- syslog (LOG_NOTICE, msg);
+ syslog (LOG_NOTICE, "%s", msg);
}
va_end (ap);
}
memset (&_res_hconf, '\0', sizeof (_res_hconf));
- hconf_name = __secure_getenv (ENV_HOSTCONF);
+ hconf_name = getenv (ENV_HOSTCONF);
if (hconf_name == NULL)
hconf_name = _PATH_HOSTCONF;
#endif
/* Allow user to override the local domain definition */
- if ((cp = __secure_getenv("LOCALDOMAIN")) != NULL) {
+ if ((cp = getenv("LOCALDOMAIN")) != NULL) {
(void)strncpy(statp->defdname, cp, sizeof(statp->defdname) - 1);
statp->defdname[sizeof(statp->defdname) - 1] = '\0';
haveenv++;
#endif /* !RFC1535 */
}
- if ((cp = __secure_getenv("RES_OPTIONS")) != NULL)
+ if ((cp = getenv("RES_OPTIONS")) != NULL)
res_setoptions(statp, cp, "env");
statp->options |= RES_INIT;
return (0);
--- /dev/null
+/* Environment variable to be removed for SUID programs. */
+#define UNSECURE_ENVVARS \
+ "GCONV_PATH", \
+ "LOCALDOMAIN", \
+ "LOCPATH", \
+ "MALLOC_TRACE", \
+ "NLSPATH", \
+ "RESOLV_HOST_CONF" \
+ "RES_OPTIONS", \
+ "TMPDIR", \
+ "TZDIR"
-/* Copyright (C) 1991,92,93,95,96,97,98,99 Free Software Foundation, Inc.
+/* Copyright (C) 1991,92,93,95,96,97,98,99,2000 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
unsigned int len, tzdir_len;
char *new, *tmp;
- tzdir = __secure_getenv ("TZDIR");
+ tzdir = getenv ("TZDIR");
if (tzdir == NULL || *tzdir == '\0')
{
tzdir = default_tzdir;
projects / platform / upstream / linaro-glibc.git / commitdiff