On Wed, Jan 23, 2013 at 01:17:25PM +0100, Florian Weimer wrote: > > glibc 2.17 has secure_getenv, but not __secure_getenv. Unfortuantely, > this was the only way to turn this into an official interface. Thanks for pointing this out. I'm using Debian testing which is still using glibc 2.13. The bigger issue is that it's not just spd_readdir.c (which is in contrib and so it's not compiled from the makefile), but we are using __secure_getenv() in libext2fs and other libraries in e2fprogs. Use of __secure_getenv() is protected with a configure.in test, so we won't break when we compile under glibc 2.17, but we won't have the full benefit of using secure_getenv(), either. We use a similar safe_getenv() code which will skip the getenv if the process is running setuid, or PR_GET_DUMPABLE returns 0, so hopefully that prevents us against the worst of the security exposure, but as [1] states, "such emulation is necessarily brittle". [1] http://sourceware.org/glibc/wiki/Tips_and_Tricks/secure_getenv Can someone send me a patch, please? Or I'll put it on my todo list.... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
