[patch] xfce4-session, libxfce4util: xfce4-shutdown features and code reorg
Brian J. Tarricone
bjt23 at cornell.edu
Sat Jan 10 22:36:36 CET 2004
Benedikt Meurer wrote:
> I committed your changes to HEAD (w/ some modifications, since setting
> environ to NULL doesn't like a good idea to me actually :-). Version
> is now 0.2.0.
hmm... a bit OT, but how _would_ you clear the environment otherwise in
the absence of clearenv()? the secure programming howto[1] advocates
seting environ = NULL for that purpose. my worry is that on a system
without clearenv() (e.g., solaris 8 doesn't appear to have it), it's
possible to fool xfce4-shutdown into running arbitrary binaries as root
if you don't clear environ before calling g_spawn_command_line_sync()
(assuming xfce4-shutdown was compiled with any of the three new
configure options i added, and that xfce4-shutdown is installed suid root).
> Thanks for your contribution. It fixes a long-standing issue :-)
you're welcome - happy to help.
-brian
[1] http://tldp.org/HOWTO/Secure-Programs-HOWTO/environment-variables.html
More information about the Xfce4-dev
mailing list