Bug#981171: [PATCH 1/6] Document that means at login time for HOME, LOGNAME, SHELL, USER

Fri, 29 Jan 2021 15:33:13 -0800 

From: Bastien Roucariès <ro...@debian.org>

Clearly document that HOME, LOGNAME, SHELL and USER are set at login time
by program like login (1).

Document also that using su could result in a mixed environment, and point to
su manual.

Signed-off-by: Bastien Roucariès <ro...@debian.org>
---
 man7/environ.7 | 34 ++++++++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/man7/environ.7 b/man7/environ.7
index 8f89ba86b..e33dcc754 100644
--- a/man7/environ.7
+++ b/man7/environ.7
@@ -65,15 +65,15 @@ Common examples are:
 .TP
 .B USER
 The name of the logged-in user (used by some BSD-derived programs).
+Set at login time, see section NOTES below.
 .TP
 .B LOGNAME
 The name of the logged-in user (used by some System-V derived programs).
+Set at login time, see section NOTES below.
 .TP
 .B HOME
-A user's login directory, set by
-.BR login (1)
-from the password file
-.BR passwd (5).
+A user's login directory, set a login time.
+Set at login time, see section NOTES below.
 .TP
 .B LANG
 The name of a locale to use for locale categories when not overridden
@@ -114,6 +114,7 @@ Set by some shells.
 .TP
 .B SHELL
 The absolute pathname of the user's login shell.
+Set at login time, see section NOTES below.
 .TP
 .B TERM
 The terminal type for which output is to be prepared.
@@ -260,6 +261,30 @@ The
 and
 .B PR_SET_MM_ENV_END
 operations can be used to control the location of the process's environment.
+.PP
+The
+.B HOME,
+.B LOGNAME,
+.B SHELL
+and
+.B USER
+variables are only set when an user is changing using
+session management interface, typically by program
+.B login(1)
+from user database (for instance, but not limited, by using
+.B password (5)
+database).
+Particularly,
+.BR setuid (2)
+family of function
+does not set theses variables. Notes that as documented,
+going to root by
+.BR su (8)
+may result in a mixed environment where
+.B LOGNAME
+and
+.B USER
+are retained from old user.
 .SH BUGS
 Clearly there is a security risk here.
 Many a system command has been
@@ -305,6 +330,7 @@ should consider renaming their option to
 .BR login (1),
 .BR printenv (1),
 .BR sh (1),
+.BR su (1),
 .BR tcsh (1),
 .BR execve (2),
 .BR clearenv (3),
-- 
2.29.2

Reply via email to