| commit | 6c39d928a8ba8618614037653a5716d20cd03a44 | |
| author | Steffen (Daode) Nurpmeso <steffen@sdaoden.eu> | |
| Tue, 17 Jan 2017 13:00:39 +0000 (17 14:00 +0100) | ||
| committer | Steffen (Daode) Nurpmeso <steffen@sdaoden.eu> | |
| Thu, 13 Apr 2017 14:47:28 +0000 (13 16:47 +0200) | ||
| tree | c391c0d71dd571317e6be50a7cd05341fe44f4d9 | treesnapshot (tar.gz zip) |
| parent | 28287b1e0075adac49d570758cc6ac48df453890 | commitdiff |
Security fix: never fall back to getenv(3)..
when looking up variables by string, unless explicitly allowed by
caller and only if the variable is not one that has an entry in
enum okeys. This rather affects the shexp shell evaluation code
and the if/elif command only, since only those called getenv(3) on
their own if the normal variable lookup failed, but this is of
course a security flaw if the variable is a fully managed one,
because it introduces a bypass that is definitely unwanted.
when looking up variables by string, unless explicitly allowed by
caller and only if the variable is not one that has an entry in
enum okeys. This rather affects the shexp shell evaluation code
and the if/elif command only, since only those called getenv(3) on
their own if the normal variable lookup failed, but this is of
course a security flaw if the variable is a fully managed one,
because it introduces a bypass that is definitely unwanted.