On 08/11/2013 01:08 AM, Caroline Tice wrote:
> OK, I have removed the attempt to use $HOME for the logs; they will
> now either go into the directory specified by the environment variable
> VTV_LOGS_DIR, or they will go into the current directory. I also
> added code to use secure_getenv, rather than getenv, if it is
> available. Is this patch ok to commit?
+ logs_prefix = secure_getenv ("VTV_LOGS_DIR");
+ if (!logs_prefix || strlen (logs_prefix) == 0)
+ logs_prefix = (char *) ".";
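
Review bot: The fallback to "." on the last added line applies in exactly the case secure_getenv is meant to guard against: secure_getenv returns NULL both when VTV_LOGS_DIR is unset and when the process runs in secure-execution mode, so a SUID/SGID program still writes its logs into whatever directory it was started from. Either avoid defaulting to the current directory when the process is privileged, or document the logging as unsuitable for SUID/SGID programs. Declaring logs_prefix as const char * would also make the (char *) cast unnecessary.
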
Hmm. If you fall back to the current directory, using secure_getenv
doesn't have the intended security effect. I wonder if we can simply
label this functionality as unsafe for SUID/SGID programs, like we
(hopefully) do for profiling.
Also, logs_prefix should be declared const char *, then the cast can go
away (I hope).
--
Florian Weimer / Red Hat Product Security Team
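
One way to keep the current-directory fallback out of privileged processes, as an added example that is not libvtv code and not something the thread itself proposes. It assumes Linux with glibc 2.17 or later; `pick_logs_dir` and `vtv_logs_dir` are hypothetical helper names.

```c
/* Added example, not libvtv code. Assumes Linux with glibc >= 2.17. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval, AT_SECURE */

/* glibc declares this in <stdlib.h> only under _GNU_SOURCE; repeated here
   so the file builds whichever feature macros are in effect. */
char *secure_getenv (const char *name);

/* Hypothetical helper: choose the log directory from the value of
   VTV_LOGS_DIR (may be NULL) and the secure-execution flag.
   Returns NULL when logging must be disabled. */
const char *
pick_logs_dir (const char *env_value, int secure_exec)
{
  if (secure_exec)
    return NULL;   /* SUID/SGID: neither the environment nor cwd is trusted */
  if (env_value && env_value[0] != '\0')
    return env_value;
  return ".";      /* the patch's fallback, for unprivileged processes only */
}

/* Hypothetical wrapper that reads the real process state. */
const char *
vtv_logs_dir (void)
{
  /* secure_getenv returns NULL both when the variable is unset and when the
     process runs in secure-execution mode, so AT_SECURE is checked separately. */
  return pick_logs_dir (secure_getenv ("VTV_LOGS_DIR"),
                        getauxval (AT_SECURE) != 0);
}

int
main (void)
{
  const char *dir = vtv_logs_dir ();
  printf ("logs: %s\n", dir ? dir : "(disabled)");
  return 0;
}
```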