Eygene Ryabinkin wrote:
Good evening.

Tue, Dec 01, 2009 at 05:09:57PM +0300, Vasim Valejev wrote:
I've used that patch to close the hole. This patch is temporary and
doesn't fix real trouble maker - problem in new version in getenv()

If you're talking about rtld-elf local root, then the real issue
is that return values of unsetenv() are not checked and unsetenv()
could fail, thus leaving LD_PRELOAD and friends left unmodified.

Isn't the real issue that unsetenv() works differently from getenv()? If they both said 'your environment is crappy' there wouldn't have been a problem, would there? If I'm correct, rtld isn't that wrong: It seems like a sane assumption to me that if you can't delete it, you can't retrieve it either. (There are exceptions to this rule, like problems with freeing the memory, but that isn't a problem in this case)

-- Jille

(after 6.3 it got changed to something monstrous and non-working right
if environment has only one variable),

Sorry, what do you mean by this?  Does the attached script print 'VAR =
variable' for you as it does for me on 8.0-BETA2 (and undoubtedly, on
8.0)?  If yes then getenv() works properly with a single environment
variable.  Perhaps you meant something else?
------------------------------------------------------------------------

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
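
The point raised in the thread, that unsetenv() can fail and its return value has to be checked, as an added C example (not code from rtld or from any poster): it removes a list of loader variables, confirms each is gone through both getenv() and a direct scan of environ, and fails closed otherwise. The variable list and the function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern char **environ;

/* Illustrative subset of loader variables, not rtld's actual list. */
static const char *const unsafe_vars[] = {
    "LD_PRELOAD", "LD_LIBRARY_PATH", "LD_DEBUG", NULL
};

/* Scan environ directly, so the check does not depend on getenv(). */
static int env_has(const char *name)
{
    size_t n = strlen(name);
    for (char **e = environ; e != NULL && *e != NULL; e++)
        if (strncmp(*e, name, n) == 0 && (*e)[n] == '=')
            return 1;
    return 0;
}

/* Remove one variable; 0 only if it is confirmed gone, -1 otherwise. */
int scrub_one(const char *name)
{
    if (unsetenv(name) != 0)          /* the check the thread says was missing */
        return -1;
    if (getenv(name) != NULL || env_has(name))
        return -1;                    /* removal and lookup disagree */
    return 0;
}

/* Fail closed: any variable that cannot be removed is an error. */
int scrub_loader_env(void)
{
    for (size_t i = 0; unsafe_vars[i] != NULL; i++)
        if (scrub_one(unsafe_vars[i]) != 0)
            return -1;
    return 0;
}

int main(void)
{
    setenv("LD_PRELOAD", "/constructed/example.so", 1);  /* constructed value */
    if (scrub_loader_env() != 0)
        return 1;                     /* do not continue with a dirty environment */
    puts("loader variables removed");
    return 0;
}
```

A privileged caller would treat a non-zero return from scrub_loader_env() as fatal rather than continuing with whatever environment it was given.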