This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Define secure_getenv (v3)


On 7/24/2012 3:50 AM, Florian Weimer wrote:
> I learned quite a bit during this and almost forgot about the hidden costs of this change.  I still have the lingering feeling that it will hurt us in the mid-term. 8-/
> 
> -- 
> Florian Weimer / Red Hat Product Security Team
> 
> 
> 
> NEWS.patch
> 
> 
> diff --git a/NEWS b/NEWS
> index 416bf89..d6c9822 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -17,6 +17,10 @@ Version 2.17
>    zEnterprise z196.
>    Implemented by Andreas Krebbel.
>  
> +* The new function secure_getenv allows secure access to the environment,
> +  returning NULL if running in a SUID/SGID process.  This function replaces
> +  the internal function __secure_getenv.
> +
>  
>  Version 2.16
>  

This looks good to me.

You've resolved all of Roland's suggestions and my suggestions.

Are you able to check this in yourself?

http://sourceware.org/glibc/wiki/Committer%20checklist

Cheers,
Carlos.
-- 
Carlos O'Donell
Mentor Graphics / CodeSourcery
carlos_odonell@mentor.com
carlos@codesourcery.com
+1 (613) 963 1026


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]