From: Timo Sirainen
To: "Sean C. Farley"
Cc: freebsd-stable@FreeBSD.org
Date: Tue, 10 Jun 2008 20:36:35 +0300
Subject: Re: Environment clearing broken in 7.0

On Tue, 2008-06-10 at 12:17 -0500, Sean C. Farley wrote:
> >> I suggest reading the two paragraphs from Open Group's getenv()[1]
> >> documentation starting at "Conforming applications are required not
> >> to modify environ directly, ..." for the rationale in the new design.
> >> Obviously, applications are not required to conform, but the
> >> documentation talks about what an OS may be doing under the covers to
> >> environ.
> >
> > How about implementing clearenv()? I'm using it now if it's available.
>
> It is a thought. It is not part of SUSv3, but there are many API calls
> in our libc that are not part of that spec.
>
> Interestingly, clearenv() on Linux ends up setting environ=NULL. Also,
> from the Linux man page:
>
> The DG/UX and Tru64 manpages write: If environ has been modified by
> anything other than the putenv(), getenv(), or clearenv() functions,
> then clearenv() will return an error and the process environment
> will remain unchanged.
>
> Hopefully, no libraries on these systems are manipulating environ else
> clearenv() will not work.

I don't think there's any other reason to do it than clearing it.

> > BTW. I wonder if this change breaks any applications where not
> > clearing environment could result in a security hole. As far as I know
> > FreeBSD 7.0 is the only modern OS where environ[0]=NULL doesn't work.
>
> OpenSolaris also does not detect environ[0]=NULL. Haiku[1], like MacOS,
> does not handle environ=NULL. *sigh* To support the most OS's I
> recommend the environ replacement such as in the static environ above.

Oh. I don't have OpenSolaris installed, but I would have thought that
since it worked in Solaris 10 it would have worked in OpenSolaris too.

> No guarantees, but I will do some research about detecting a NULL at
> environ[0] as another means of clearing the environment and/or writing
> an implementation of clearenv(). Of course, you will still have
> problems on OpenSolaris. What are you planning to do there, or does it
> support cleanenv()?

I've changed my code now to do:

> environ = calloc(1, sizeof(*environ)); should work on all assuming NULL
> was not returned.

Hopefully that'll work for a few years. (I also use clearenv() if
detected by configure.)

> Does anyone know why clearenv() was rejected? There is hardly a peep on
> the OpenGroup web site.

No idea, but I don't really understand why it returns int instead of
void. It shouldn't do more than free memory.
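Added example (not code from the message above or from any project discussed in it): the environ replacement approach, environ = calloc(1, sizeof(*environ)), written out with the NULL check. It goes one step beyond the message by copying an allowlist of variables into the fresh vector, which is how a privileged program typically keeps PATH or TZ while dropping everything else. The names env_reset and env_count and the allowlist contents are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern char **environ;

/* Number of entries visible through environ; safe when environ is NULL. */
static size_t env_count(void)
{
    size_t n = 0;
    while (environ != NULL && environ[n] != NULL)
        n++;
    return n;
}

/*
 * Replace environ with a freshly allocated vector that holds only the
 * variables named in keep[0..nkeep-1]. With nkeep == 0 this is exactly
 * environ = calloc(1, sizeof(*environ)). Returns 0 on success, or -1 on
 * allocation failure, in which case environ is left untouched.
 */
static int env_reset(const char *const *keep, size_t nkeep)
{
    char **fresh = calloc(nkeep + 1, sizeof(*fresh));
    size_t i, used = 0;

    if (fresh == NULL)
        return -1;
    for (i = 0; i < nkeep; i++) {
        const char *val = getenv(keep[i]);
        size_t len;
        if (val == NULL)
            continue;               /* not set: nothing to carry over */
        len = strlen(keep[i]) + 1 + strlen(val) + 1;
        if ((fresh[used] = malloc(len)) == NULL) {
            while (used > 0)
                free(fresh[--used]);
            free(fresh);
            return -1;
        }
        snprintf(fresh[used++], len, "%s=%s", keep[i], val);
    }
    environ = fresh;  /* old vector is not freed: it may not be heap memory */
    return 0;
}

int main(void)
{
    static const char *const keep[] = { "PATH", "TZ" }; /* assumed allowlist */
    if (env_reset(keep, 2) != 0)
        return 1;
    printf("%zu variable(s) left\n", env_count());
    return 0;
}
```

Call env_reset() before exec'ing a child or dropping privileges, and treat a -1 return as fatal so the process never continues with the inherited environment.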