Date:      Tue, 10 Jun 2008 20:36:35 +0300
From:      Timo Sirainen <tss@iki.fi>
To:        "Sean C. Farley" <scf@FreeBSD.org>
Cc:        freebsd-stable@FreeBSD.org
Subject:   Re: Environment clearing broken in 7.0
Message-ID:  <1213119395.3904.1047.camel@hurina>
In-Reply-To: <alpine.BSF.1.10.0806101050160.1069@thor.farley.org>
References:  <1213036854.3904.967.camel@hurina> <alpine.BSF.1.10.0806092118250.3974@thor.farley.org> <1213071257.3904.991.camel@hurina> <alpine.BSF.1.10.0806101050160.1069@thor.farley.org>


On Tue, 2008-06-10 at 12:17 -0500, Sean C. Farley wrote:
> >> I suggest reading the two paragraphs from Open Group's getenv()[1]
> >> documentation starting at "Conforming applications are required not
> >> to modify environ directly, ..." for the rationale in the new design.
> >> Obviously, applications are not required to conform, but the
> >> documentation talks about what an OS may be doing under the covers to
> >> environ.
> >
> > How about implementing clearenv()? I'm using it now if it's available.
>
> It is a thought.  It is not part of SUSv3, but there are many API calls
> in our libc that are not part of that spec.
>
> Interestingly, clearenv() on Linux ends up setting environ=NULL.  Also,
> from the Linux man page:
>
>      The DG/UX and Tru64 manpages write: If environ has been modified by
>      anything other than the putenv(), getenv(), or clearenv() functions,
>      then clearenv() will return an error and the process environment
>      will remain unchanged.
>
> Hopefully, no libraries on these systems are manipulating environ else
> clearenv() will not work.

I don't think there's any other reason to do it than clearing it.

> > BTW. I wonder if this change breaks any applications where not
> > clearing environment could result in a security hole. As far as I know
> > FreeBSD 7.0 is the only modern OS where environ[0]=NULL doesn't work.
>
> OpenSolaris also does not detect environ[0]=NULL.  Haiku[1], like MacOS,
> does not handle environ=NULL.  *sigh*  To support the most OS's I
> recommend the environ replacement such as in the static environ above.

Oh. I don't have OpenSolaris installed, but I would have thought that
since it worked in Solaris 10 it would have worked in OpenSolaris too.

> No guarantees, but I will do some research about detecting a NULL at
> environ[0] as another means of clearing the environment and/or writing
> an implementation of clearenv().  Of course, you will still have
> problems on OpenSolaris.  What are you planning to do there, or does it
> support clearenv()?

I've changed my code now to do:

> environ = calloc(1, sizeof(*environ)); should work on all assuming NULL
> was not returned.

Hopefully that'll work for a few years. (I also use clearenv() if
detected by configure.)

> Does anyone know why clearenv() was rejected?  There is hardly a peep on
> the OpenGroup web site.

No idea, but I don't really understand why it returns int instead of
void. It shouldn't do more than free memory.

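The approach the message settles on (swap `environ` for a freshly allocated empty vector, or call clearenv() where configure finds it), written out as an added example that is not part of the original e-mail. The `HAVE_CLEARENV` macro, the function names and the allowlist values are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

extern char **environ;

/* Constructed allowlist: the only variables the process keeps. */
static const char *const SAFE_ENV[][2] = { {"PATH", "/usr/bin:/bin"}, {"TZ", "UTC"} };

/* Drop every inherited variable. Returns 0 on success; on -1 the old
 * environment is still in place and the caller must not exec. */
int scrub_environment(void)
{
#ifdef HAVE_CLEARENV            /* hypothetical configure-defined macro */
    return clearenv() == 0 ? 0 : -1;
#else
    /* Replace the pointer with a one-slot vector holding only the NULL terminator. */
    char **fresh = calloc(1, sizeof(*fresh));
    if (fresh == NULL)
        return -1;              /* the "assuming NULL was not returned" case */
    environ = fresh;
    return 0;
#endif
}

/* Scrub, then re-add only the allowlisted variables through setenv(). */
int reset_environment(void)
{
    if (scrub_environment() != 0)
        return -1;
    for (size_t i = 0; i < sizeof(SAFE_ENV) / sizeof(SAFE_ENV[0]); i++)
        if (setenv(SAFE_ENV[i][0], SAFE_ENV[i][1], 1) != 0)
            return -1;
    return 0;
}

/* Number of variables visible through environ (NULL-safe, since
 * clearenv() on Linux leaves environ == NULL). */
size_t env_count(void)
{
    size_t n = 0;
    for (char **e = environ; e != NULL && *e != NULL; e++)
        n++;
    return n;
}

int main(void)
{
    setenv("DEMO_SECRET", "constructed-value", 1);   /* constructed input */
    if (reset_environment() != 0)
        abort();                /* fail closed rather than keep inherited variables */
    return getenv("DEMO_SECRET") == NULL && strcmp(getenv("PATH"), "/usr/bin:/bin") == 0 ? 0 : 1;
}
```

Call `reset_environment()` before any exec and treat a nonzero return as fatal, since the inherited variables may still be present.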