Imported from util-linux-2.9v tarball.

author: Karel Zak 2006-12-07 00:25:39 +0100
committer: Karel Zak 2006-12-07 00:25:39 +0100
commit: 7eda085c41faa3445b4b168ce78ab18dab87d98a (patch)
tree: eb8da4baebd0af68fa84818d3d51b4a3714667fc /lib/env.c
parent: Imported from util-linux-2.9i tarball. (diff)
download: kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.tar.gz
kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.tar.xz
kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.zip
1 files changed, 73 insertions, 0 deletions
diff --git a/lib/env.c b/lib/env.c
new file mode 100644
index 000000000..69c821c2d
--- /dev/null
+++ b/lib/env.c
@@ -0,0 +1,73 @@
+/*
+ * Security checks of enviroment
+ * Added from shadow-utils package
+ * by Arkadiusz Miśkiewicz <misiek@misiek.eu.org>
+ *
+ */ 
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "env.h"
+
+extern char **environ;
+
+static char * const forbid[] = {
+        "_RLD_=",
+        "BASH_ENV=",    /* GNU creeping featurism strikes again... */
+        "ENV=",
+        "HOME=",
+        "IFS=",
+        "KRB_CONF=",
+        "LD_",          /* anything with the LD_ prefix */
+        "LIBPATH=",
+        "MAIL=",
+        "NLSPATH=",
+        "PATH=",
+        "SHELL=",
+        "SHLIB_PATH=",
+        (char *) 0
+};
+
+/* these are allowed, but with no slashes inside
+   (to work around security problems in GNU gettext) */
+static char * const noslash[] = {
+        "LANG=",
+        "LANGUAGE=",
+        "LC_",          /* anything with the LC_ prefix */
+        (char *) 0
+};
+
+void
+sanitize_env(void)
+{
+        char **envp = environ;
+        char * const *bad;
+        char **cur;
+        char **move;
+
+        for (cur = envp; *cur; cur++) {
+                for (bad = forbid; *bad; bad++) {
+                        if (strncmp(*cur, *bad, strlen(*bad)) == 0) {
+                                for (move = cur; *move; move++)
+                                        *move = *(move + 1);
+                                cur--;
+                                break;
+                        }
+                }
+        }
+
+        for (cur = envp; *cur; cur++) {
+                for (bad = noslash; *bad; bad++) {
+                        if (strncmp(*cur, *bad, strlen(*bad)) != 0)
+                                continue;
+                        if (!strchr(*cur, '/'))
+                                continue;  /* OK */
+                        for (move = cur; *move; move++)
+                                *move = *(move + 1);
+                        cur--;
+                        break;
+                }
+        }
+}
+
author	Karel Zak	2006-12-07 00:25:39 +0100
committer	Karel Zak	2006-12-07 00:25:39 +0100
commit	7eda085c41faa3445b4b168ce78ab18dab87d98a (patch)
tree	eb8da4baebd0af68fa84818d3d51b4a3714667fc /lib/env.c
parent	Imported from util-linux-2.9i tarball. (diff)
download	kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.tar.gz kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.tar.xz kernel-qcow2-util-linux-7eda085c41faa3445b4b168ce78ab18dab87d98a.zip