diff options
author | cperciva <cperciva@FreeBSD.org> | 2009-12-01 02:57:06 +0000 |
---|---|---|
committer | cperciva <cperciva@FreeBSD.org> | 2009-12-01 02:57:06 +0000 |
commit | dbccfb34d9a4442db60f517065d3c3f6596eb745 (patch) | |
tree | 78deeb0432a9f1429974257081eb66d1477babc8 /libexec | |
parent | 1f48c677b57a5904d8da8f832f04e5037fb047bb (diff) | |
download | FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.zip FreeBSD-src-dbccfb34d9a4442db60f517065d3c3f6596eb745.tar.gz |
Fix local root vulnerability.
Security: Advisory will be coming soon.
X-MFC-After: 30 seconds
Diffstat (limited to 'libexec')
-rw-r--r-- | libexec/rtld-elf/rtld.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index bffae60..cab8c87d 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -366,12 +366,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) * future processes to honor the potentially un-safe variables. */ if (!trust) { - unsetenv(LD_ "PRELOAD"); - unsetenv(LD_ "LIBMAP"); - unsetenv(LD_ "LIBRARY_PATH"); - unsetenv(LD_ "LIBMAP_DISABLE"); - unsetenv(LD_ "DEBUG"); - unsetenv(LD_ "ELF_HINTS_PATH"); + if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") || + unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") || + unsetenv(LD_ "DEBUG") || unsetenv(LD_ "ELF_HINTS_PATH")) { + _rtld_error("environment corrupt; aborting"); + die(); + } } ld_debug = getenv(LD_ "DEBUG"); libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL; |