commit | 762c7c65103615d976beeb4c8e2d1d9a79c87d86 | [log] [tgz] |
---|---|---|
author | Theodore Ts'o <tytso@mit.edu> | Wed Apr 06 14:44:16 2005 -0400 |
committer | Theodore Ts'o <tytso@mit.edu> | Wed Apr 06 14:44:16 2005 -0400 |
tree | 8c047e58ce33fef32240e67eaef332ef0491e7f7 | |
parent | 813b901d419cd700cf2fc65048142b024da49808 [diff] |
Add paranoia checks into the blkid, ext2fs, and ss libraries to ignore environment variables if the libraries are called from setuid or setguid programs, or if kernel believes that the process is not eligible to create a core dump. In addition, if the libc has __secure_getenv(), use it so that the libc can also do any additional limitations regarding when libraries can trust environment variables (i.e., to integrate with systems like SELinux and Posix capabilities).