mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-23 01:44:17 +01:00
Don't allow LD_* env. variables to be tricked
Submitted by: Sam Hartman <hartmans@mit.edu>
This commit is contained in:
parent
b6369ff12e
commit
68942f23dd
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=11591
@ -1555,6 +1555,8 @@ start_login(host, autologin, name)
|
|||||||
fatal(net, "makeutx failed");
|
fatal(net, "makeutx failed");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
scrub_env();
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* -h : pass on name of host.
|
* -h : pass on name of host.
|
||||||
* WARNING: -h is accepted by login if and only if
|
* WARNING: -h is accepted by login if and only if
|
||||||
@ -1767,6 +1769,26 @@ addarg(argv, val)
|
|||||||
}
|
}
|
||||||
#endif /* NEWINIT */
|
#endif /* NEWINIT */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* scrub_env()
|
||||||
|
*
|
||||||
|
* Remove a few things from the environment that
|
||||||
|
* don't need to be there.
|
||||||
|
*/
|
||||||
|
scrub_env()
|
||||||
|
{
|
||||||
|
register char **cpp, **cpp2;
|
||||||
|
|
||||||
|
for (cpp2 = cpp = environ; *cpp; cpp++) {
|
||||||
|
if (!strncmp(*cpp, "LD_", 3) &&
|
||||||
|
!strncmp(*cpp, "_RLD_", 5) &&
|
||||||
|
!strncmp(*cpp, "LIBPATH=", 8) &&
|
||||||
|
!strncmp(*cpp, "IFS=", 4))
|
||||||
|
*cpp2++ = *cpp;
|
||||||
|
}
|
||||||
|
*cpp2 = 0;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* cleanup()
|
* cleanup()
|
||||||
*
|
*
|
||||||
|
Loading…
Reference in New Issue
Block a user