From owner-cvs-src@FreeBSD.ORG  Thu May 17 18:00:32 2007
Return-Path: <owner-cvs-src@FreeBSD.ORG>
X-Original-To: cvs-src@FreeBSD.org
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 2025D16A400;
	Thu, 17 May 2007 18:00:32 +0000 (UTC)
	(envelope-from csjp@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41])
	by mx1.freebsd.org (Postfix) with ESMTP id 1201413C469;
	Thu, 17 May 2007 18:00:32 +0000 (UTC)
	(envelope-from csjp@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l4HI0UJ1077803;
	Thu, 17 May 2007 18:00:31 GMT
	(envelope-from csjp@repoman.freebsd.org)
Received: (from csjp@localhost)
	by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l4HI0TmL077802;
	Thu, 17 May 2007 18:00:29 GMT (envelope-from csjp)
Message-Id: <200705171800.l4HI0TmL077802@repoman.freebsd.org>
From: "Christian S.J. Peron" <csjp@FreeBSD.org>
Date: Thu, 17 May 2007 18:00:28 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: src/libexec/rtld-elf rtld.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 May 2007 18:00:32 -0000

csjp        2007-05-17 18:00:28 UTC

  FreeBSD src repository

  Modified files:
    libexec/rtld-elf     rtld.c 
  Log:
  In the event a process is tainted (setuid/setgid binaries), un-set any
  potentially dangerous environment variables all together. It should be
  noted that the run-time linker will not honnor these environment variables
  if the process is tainted currently. However, once a child of the tainted
  process calls setuid(2), it's status as being tainted (as defined by
  issetugid(2)) will be removed. This could be problematic because
  subsequent activations of the run-time linker could honnor these
  dangerous variables.
  
  This is more of an anti foot-shot mechanism, there is nothing I am
  aware of in base that does this, however there may be third party
  utilities which do, and there is no real negative impact of clearing
  these environment variables.
  
  Discussed on:   secteam
  Reviewed by:    cperciva
  PR:             kern/109836
  MFC after:      2 weeks
  
  Revision  Changes    Path
  1.124     +20 -10    src/libexec/rtld-elf/rtld.c