Commit d4379ee8 authored by Colin Walters's avatar Colin Walters

hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()

This is a further security measure for the case of Linux/glibc
when we're linked into a binary that's using filesystem capabilities
or SELinux domain transitions (i.e. not plain old setuid).

In this case, _dbus_getenv () will return NULL because it will
use __secure_getenv(), which handles those via AT_SECURE.

https://bugs.freedesktop.org/show_bug.cgi?id=52202
parent 4b351918
......@@ -718,6 +718,12 @@ _dbus_keyring_new_for_credentials (DBusCredentials *credentials,
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
if (_dbus_getenv ("HOME") == NULL)
{
dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
"Unable to create DBus keyring with no $HOME");
return FALSE;
}
if (_dbus_check_setuid ())
{
dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
......
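Review bot: The added `_dbus_getenv ("HOME") == NULL` test at the top of `_dbus_keyring_new_for_credentials` is the hardening check, but the code does not say so, and its error text blames a missing $HOME even when the variable is set and was only hidden by secure-execution mode. A comment would keep a later cleanup from removing it as redundant, for example `/* _dbus_getenv() returns NULL under AT_SECURE (fscaps, SELinux transition), so this also rejects privileged callers */`. Going by the commit description, the protection relies on `_dbus_getenv()` being backed by `__secure_getenv()` on Linux/glibc, so on other platforms `_dbus_check_setuid ()` is presumably still the only guard, which the comment could note as well. The same applies to the `PATH` check added in `_dbus_get_autolaunch_address`. The function body continues outside the hunk.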
......@@ -3434,6 +3434,12 @@ _dbus_get_autolaunch_address (const char *scope,
DBusString uuid;
dbus_bool_t retval;
if (_dbus_getenv ("PATH") == NULL)
{
dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
"Unable to autolaunch when PATH is unset");
return FALSE;
}
if (_dbus_check_setuid ())
{
dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
......
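Review bot: The new `_dbus_getenv ("PATH") == NULL` guard at the top of `_dbus_get_autolaunch_address` also refuses autolaunch for an ordinary unprivileged process that simply has no PATH, which looks like a behaviour change beyond the stated hardening goal. Whether that case worked before depends on how the launcher is executed further down, which is outside the hunk, so it is worth confirming before merging. If only the secure-execution case is meant to be blocked, state the intent next to the check, e.g. `/* PATH is hidden by _dbus_getenv() under AT_SECURE; never exec a launcher located via an untrusted environment */`.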