picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

user-util: extra paranoia, make sure $SHELL can't be fucked with in suid programs 

It's better to be safe than sorry, let's not allow overriding of the
user shell in suid binaries. Similar for $USER.
This commit is contained in:
Lennart Poettering 2019-03-12 15:52:06 +01:00
parent 9e73208afc
commit b2a3953f81
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/basic/user-util.c
View File

@ -80,7 +80,7 @@ char* getlogname_malloc(void) {
char *getusername_malloc(void) {
const char *e;
e = getenv("USER");
e = secure_getenv("USER");
if (e)
return strdup(e);
@ -514,7 +514,7 @@ int get_shell(char **_s) {
assert(_s);
/* Take the user specified one */
e = getenv("SHELL");
e = secure_getenv("SHELL");
if (e && path_is_valid(e) && path_is_absolute(e)) {
s = strdup(e);
if (!s)