diff options
| author | csjp <csjp@FreeBSD.org> | 2007-05-17 18:00:27 +0000 |
|---|---|---|
| committer | csjp <csjp@FreeBSD.org> | 2007-05-17 18:00:27 +0000 |
| commit | 9c7934b018b6822bc955874e98ef8274306df4b2 (patch) | |
| tree | 5f85f72d9fcaa91dfab267321f002677b17883e0 /lib/libc | |
| parent | 95bf1ef490be6f898f480348aadc72480bb7a0cd (diff) | |
| download | FreeBSD-src-9c7934b018b6822bc955874e98ef8274306df4b2.zip FreeBSD-src-9c7934b018b6822bc955874e98ef8274306df4b2.tar.gz | |
In the event a process is tainted (setuid/setgid binaries), un-set any
potentially dangerous environment variables all together. It should be
noted that the run-time linker will not honnor these environment variables
if the process is tainted currently. However, once a child of the tainted
process calls setuid(2), it's status as being tainted (as defined by
issetugid(2)) will be removed. This could be problematic because
subsequent activations of the run-time linker could honnor these
dangerous variables.
This is more of an anti foot-shot mechanism, there is nothing I am
aware of in base that does this, however there may be third party
utilities which do, and there is no real negative impact of clearing
these environment variables.
Discussed on: secteam
Reviewed by: cperciva
PR: kern/109836
MFC after: 2 weeks
Diffstat (limited to 'lib/libc')
0 files changed, 0 insertions, 0 deletions
