Michael McMahon wrote:
:
In toEnvironmentBlock does the getenv("SystemRoot") need to be done
in a privileged block (I'm just thinking of the case where you have
permissions to exec the process but not read the variable). Also do
you need to handle the case that it is null?
The permission check happens at a higher level. We're dealing directly
with the data at this level.
So, we don't need a privileged block.
Do you mind checking it? I'm pretty sure there will be caller frames on
the stack that aren't in the null protection domain and so getenv will
fail with a security exception if there isn't permission to read it.
-Alan.
