This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Define secure_getenv (v3)
On 7/24/2012 3:50 AM, Florian Weimer wrote:
> I learned quite a bit during this and almost forgot about the hidden costs of this change. I still have the lingering feeling that it will hurt us in the mid-term. 8-/
>
> --
> Florian Weimer / Red Hat Product Security Team
>
>
>
> NEWS.patch
>
>
> diff --git a/NEWS b/NEWS
> index 416bf89..d6c9822 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -17,6 +17,10 @@ Version 2.17
> zEnterprise z196.
> Implemented by Andreas Krebbel.
>
> +* The new function secure_getenv allows secure access to the environment,
> + returning NULL if running in a SUID/SGID process. This function replaces
> + the internal function __secure_getenv.
> +
>
> Version 2.16
>
This looks good to me.
You've resolved all of Roland's suggestions and my suggestions.
Are you able to check this in yourself?
http://sourceware.org/glibc/wiki/Committer%20checklist
Cheers,
Carlos.
--
Carlos O'Donell
Mentor Graphics / CodeSourcery
carlos_odonell@mentor.com
carlos@codesourcery.com
+1 (613) 963 1026