2015-03-16 18:31 GMT+01:00 David Herrmann <[email protected]>:
> Hi
>
> On Sun, Mar 15, 2015 at 12:36 PM, Ronny Chevalier
> <[email protected]> wrote:
>> 2015-03-15 3:27 GMT+01:00 Shawn Landden <[email protected]>:
>>> All these except user_data_home_dir() are certainly vectors for
>>> arbitrary code execution. These should use secure_getenv()
>>> ---
>>
>> Hi,
>>
>> I don't see why secure_getenv() is appropriate here? These functions
>> are never used in the libraries systemd provides, they are mostly used
>> by systemctl and the dbus manager. Can you provide more details?
>
> You're right, but on the other hand secure_getenv() is usually
> sufficient (we don't use setuid() nor fs-caps). So secure_getenv()
> wouldn't hurt.

I think it would hurt in a SELinux environment. Because if the
AT_SECURE flag is set, secure_getenv will return NULL and tools like
systemctl will fail for certain tasks.

> But I don't really care..
>
> Thanks
> David
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to