projects / platform / upstream / dbus.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c27c500) | patch
hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()
authorColin Walters <walters@verbum.org>
Fri, 28 Sep 2012 14:05:59 +0000 (10:05 -0400)
committerColin Walters <walters@verbum.org>
Fri, 28 Sep 2012 16:55:38 +0000 (12:55 -0400)
commitd7ffad72146c2329692e0cf32eb1ac1dbb4fb51c
treea6c37385fc5898428dde96c647be3c8567114f39tree | snapshot
parentc27c5004132e597a8f386be6f9e4235519096398commit | diff
hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()

This is a further security measure for the case of Linux/glibc
when we're linked into a binary that's using filesystem capabilities
or SELinux domain transitions (i.e. not plain old setuid).

In this case, _dbus_getenv () will return NULL because it will
use __secure_getenv(), which handles those via AT_SECURE.

https://bugs.freedesktop.org/show_bug.cgi?id=52202
dbus/dbus-keyring.c diff | blob | history
dbus/dbus-sysdeps-unix.c diff | blob | history
Domain: System / IPC;