projects / platform / upstream / dbus.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4b35191) | patch
hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()
authorColin Walters <walters@verbum.org>
Fri, 28 Sep 2012 14:05:59 +0000 (10:05 -0400)
committerColin Walters <walters@verbum.org>
Fri, 28 Sep 2012 14:18:15 +0000 (10:18 -0400)
commitd4379ee8dbbe157db173464530df7c069b6fd86f
treeb306254794a51a3c4ccfc167e02f92d728cdaf4btree | snapshot
parent4b351918b9f70eaedbdb3ab39208bc1f131efae0commit | diff
hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()

This is a further security measure for the case of Linux/glibc
when we're linked into a binary that's using filesystem capabilities
or SELinux domain transitions (i.e. not plain old setuid).

In this case, _dbus_getenv () will return NULL because it will
use __secure_getenv(), which handles those via AT_SECURE.

https://bugs.freedesktop.org/show_bug.cgi?id=52202
dbus/dbus-keyring.c diff | blob | history
dbus/dbus-sysdeps-unix.c diff | blob | history
Domain: System / IPC;