Raoul Borenius a écrit : > Thanx for the quick reply! > > On Wed, Feb 07, 2007 at 12:01:22PM +0100, Aurelien Jarno wrote: >> For security reasons this environment variable (among others) is not >> used for setuid programs. /bin/ping is setuid. > > Sorry for not thinking about that. You're right... > > Probably it would be a good idea to put that into the man page of > resolver(3)?
If you think it is a good idea, please report a bug against the manpages package. It's the one which provides this man page. > BTW: is there a list of variables which are passed on to setuid programs > somwhere? I looked into setuid(3posix) but did not find anything. > There is no list of variables that are passed, but a list of variable that are not passed. This list is defined in the source code in sysdeps/generic/unsecvars.h . See the attached file. Bye, Aurelien -- .''`. Aurelien Jarno | GPG: 1024D/F1BCDB73 : :' : Debian developer | Electrical Engineer `. `' [EMAIL PROTECTED] | [EMAIL PROTECTED] `- people.debian.org/~aurel32 | www.aurel32.net
/* Environment variable to be removed for SUID programs. The names are all stuffed in a single string which means they have to be terminated with a '\0' explicitly. */ #define UNSECURE_ENVVARS \ "LD_PRELOAD\0" \ "LD_LIBRARY_PATH\0" \ "LD_ORIGIN_PATH\0" \ "LD_DEBUG\0" \ "LD_DEBUG_OUTPUT\0" \ "LD_PROFILE\0" \ "LD_USE_LOAD_BIAS\0" \ "LD_DYNAMIC_WEAK\0" \ "LD_SHOW_AUXV\0" \ "GCONV_PATH\0" \ "GETCONF_DIR\0" \ "HOSTALIASES\0" \ "LOCALDOMAIN\0" \ "LOCPATH\0" \ "MALLOC_TRACE\0" \ "NLSPATH\0" \ "RESOLV_HOST_CONF\0" \ "RES_OPTIONS\0" \ "TMPDIR\0" \ "TZDIR\0"
