sandbox/linux/suid/suid_unsafe_environment_variables.h - Issue 159025: Linux sandbox: save full list of SUID unsafe environment variables.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: sandbox/linux/suid/suid_unsafe_environment_variables.h

Issue 159025: Linux sandbox: save full list of SUID unsafe environment variables. (Closed)

Patch Set: ... Created 11 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 // This is a list of environment variables which the ELF loader unsets when

	6 // loading a SUID binary. Because they are unset rather than just ignored, they

	7 // aren't passed to child processes of SUID processes either.

	8 //

	9 // We need to save these environment variables before running a SUID sandbox

	10 // and restore them before running child processes (but after dropping root).

	11 //

	12 // List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e):

	13 // sysdeps/unix/sysv/linux/i386/dl-librecon.h

	14 // sysdeps/generic/unsecvars.h

	15

	16 static const char* kSUIDUnsafeEnvironmentVariables[] = {

	17 "LD_AOUT_LIBRARY_PATH",

	18 "LD_AOUT_PRELOAD",

	19 "GCONV_PATH",

	20 "GETCONF_DIR",

	21 "HOSTALIASES",

	22 "LD_AUDIT",

	23 "LD_DEBUG",

	24 "LD_DEBUG_OUTPUT",

	25 "LD_DYNAMIC_WEAK",

	26 "LD_LIBRARY_PATH",

	27 "LD_ORIGIN_PATH",

	28 "LD_PRELOAD",

	29 "LD_PROFILE",

	30 "LD_SHOW_AUXV",

	31 "LD_USE_LOAD_BIAS",

	32 "LOCALDOMAIN",

	33 "LOCPATH",

	34 "MALLOC_TRACE",

	35 "NIS_PATH",

	36 "NLSPATH",

	37 "RESOLV_HOST_CONF",

	38 "RES_OPTIONS",

	39 "TMPDIR",

	40 "TZDIR",

	41 NULL,

	42 };

	43

	44 // Return a malloc allocated string containing the 'saved' environment variable

	45 // name for a given environment variable.

	46 static inline char* SandboxSavedEnvironmentVariable(const char* envvar) {

	47 const size_t envvar_len = strlen(envvar);

	48 const size_t saved_envvarlen = envvar_len + 1 /* NUL terminator */ +

	49 8 /* strlen("SANDBOX_") */;
	Evan Martin 2009/07/17 21:10:57 This seems like a ton of effort to go through. Wh This seems like a ton of effort to go through. Why not just return std::string("SANDBOX_") + envvar; Eliminates manual memory management on the callee side oto. agl 2009/07/17 21:35:09 I'm currently sticking to the idea that the sandbo Show quoted text On 2009/07/17 21:10:57, Evan Martin wrote: > This seems like a ton of effort to go through. Why not just > return std::string("SANDBOX_") + envvar; > > Eliminates manual memory management on the callee side oto. I'm currently sticking to the idea that the sandbox is pure-C99 code (although we do compile as C++ because our build system is setup that way).
	50 char* const saved_envvar = (char*) malloc(saved_envvarlen);

	51 if (!saved_envvar)

	52 return NULL;

	53

	54 memcpy(saved_envvar, "SANDBOX_", 8);

	55 memcpy(saved_envvar + 8, envvar, envvar_len);

	56 saved_envvar[8 + envvar_len] = 0;

	57

	58 return saved_envvar;

	59 }

OLD	NEW

« sandbox/linux/suid/sandbox.cc ('K') | « sandbox/linux/suid/sandbox.cc ('k') | sandbox/sandbox.gyp » ('j') | no next file with comments »