diff options
| author | ache <ache@FreeBSD.org> | 1995-10-20 17:26:40 +0000 |
|---|---|---|
| committer | ache <ache@FreeBSD.org> | 1995-10-20 17:26:40 +0000 |
| commit | 3972a13475c771a57958d1db9994e1ebe6cdfc47 (patch) | |
| tree | 4dfe3eada9faef3647cddd5dca85237f30d43fec /libexec/telnetd | |
| parent | c0765b5449d59669ea3b9aead4df9c0a0a5b97f3 (diff) | |
| download | FreeBSD-src-3972a13475c771a57958d1db9994e1ebe6cdfc47.zip FreeBSD-src-3972a13475c771a57958d1db9994e1ebe6cdfc47.tar.gz | |
Don't allow LD_* env. variables to be tricked
Submitted by: Sam Hartman <hartmans@mit.edu>
Diffstat (limited to 'libexec/telnetd')
| -rw-r--r-- | libexec/telnetd/sys_term.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/libexec/telnetd/sys_term.c b/libexec/telnetd/sys_term.c index c2388b5..79b9313 100644 --- a/libexec/telnetd/sys_term.c +++ b/libexec/telnetd/sys_term.c @@ -1555,6 +1555,8 @@ start_login(host, autologin, name) fatal(net, "makeutx failed"); #endif + scrub_env(); + /* * -h : pass on name of host. * WARNING: -h is accepted by login if and only if @@ -1768,6 +1770,26 @@ addarg(argv, val) #endif /* NEWINIT */ /* + * scrub_env() + * + * Remove a few things from the environment that + * don't need to be there. + */ +scrub_env() +{ + register char **cpp, **cpp2; + + for (cpp2 = cpp = environ; *cpp; cpp++) { + if (!strncmp(*cpp, "LD_", 3) && + !strncmp(*cpp, "_RLD_", 5) && + !strncmp(*cpp, "LIBPATH=", 8) && + !strncmp(*cpp, "IFS=", 4)) + *cpp2++ = *cpp; + } + *cpp2 = 0; +} + +/* * cleanup() * * This is the routine to call when we are all through, to |
