Re: secure_getenv is broken on FreeBSD.

Thu, 07 Feb 2013 15:50:33 -0800 

On 02/07/2013 02:28 PM, Mats Erik Andersson wrote:
>   * Inetutils with gnulib-f65962 is broken on FreeBSD-9.0
>     since "tempname" is making "secure_getenv" mandatory,
>     against my will!

Why against your will?  Isn't it better for tempname to avoid
insecure usage?  But I do see that we can do a better job of this
on FreeBSD, so I pushed the following further patch.  I'll try
to follow up on your other comments soon.

>From bac78fc4126870cfc6792048edf7f028d7700593 Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Thu, 7 Feb 2013 15:34:23 -0800
Subject: [PATCH] secure_getenv: port better to FreeBSD and Solaris

* lib/secure_getenv.c [!HAVE___SECURE_GETENV]:
Include unistd.h if HAVE_ISSETUGID, otherwise define a dummy issetugid.
(secure_getenv) [!HAVE___SECURE_GETENV]: Use getenv if not issetugid.
This works better on BSDish platforms.
* m4/secure_getenv.m4 (gl_PREREQ_SECURE_GETENV):
Test for issetugid if __secure_getenv is missing.
---
 ChangeLog           | 10 ++++++++++
 lib/secure_getenv.c | 13 ++++++++++++-
 m4/secure_getenv.m4 |  3 +++
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index e3fb3bd..4dc8f2c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2013-02-07  Paul Eggert  <egg...@cs.ucla.edu>
+
+       secure_getenv: port better to FreeBSD and Solaris
+       * lib/secure_getenv.c [!HAVE___SECURE_GETENV]:
+       Include unistd.h if HAVE_ISSETUGID, otherwise define a dummy issetugid.
+       (secure_getenv) [!HAVE___SECURE_GETENV]: Use getenv if not issetugid.
+       This works better on BSDish platforms.
+       * m4/secure_getenv.m4 (gl_PREREQ_SECURE_GETENV):
+       Test for issetugid if __secure_getenv is missing.
+
 2013-02-06  Paul Eggert  <egg...@cs.ucla.edu>
 
        extensions: port better to MINUX 3, HP-UX, autoheader 2.62
diff --git a/lib/secure_getenv.c b/lib/secure_getenv.c
index 0b91a99..2859522 100644
--- a/lib/secure_getenv.c
+++ b/lib/secure_getenv.c
@@ -17,12 +17,23 @@
 
 #include <stdlib.h>
 
+#if !HAVE___SECURE_GETENV
+# if HAVE_ISSETUGID
+#  include <unistd.h>
+# else
+#  undef issetugid
+#  define issetugid() 1
+# endif
+#endif
+
 char *
 secure_getenv (char const *name)
 {
 #if HAVE___SECURE_GETENV
   return __secure_getenv (name);
 #else
-  return 0;
+  if (issetugid ())
+    return 0;
+  return getenv (name);
 #endif
 }
diff --git a/m4/secure_getenv.m4 b/m4/secure_getenv.m4
index 1ab5b2d..5da5298 100644
--- a/m4/secure_getenv.m4
+++ b/m4/secure_getenv.m4
@@ -19,4 +19,7 @@ AC_DEFUN([gl_FUNC_SECURE_GETENV],
 # Prerequisites of lib/secure_getenv.c.
 AC_DEFUN([gl_PREREQ_SECURE_GETENV], [
   AC_CHECK_FUNCS([__secure_getenv])
+  if test $ac_cv_func___secure_getenv = no; then
+    AC_CHECK_FUNCS([issetugid])
+  fi
 ])
-- 
1.7.11.7

Reply via email to