trivially untaint environment for the main child process

diff --git a/Changelog b/Changelog
index fb1b6765a8279286aa41b1394a77e09362f3d6a3..5423050d385bde10f60334271f4734b80c60f19a 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -4,9 +4,11 @@ msva-perl (0.4~pre) upstream;
     directly (needs GnuPG::Interface, Regexp::Common) (closes MS #2034)
   * adds MSVA_KEYSERVER_POLICY and MSVA_KEYSERVER environment variables.
   * added a marginal UI (needs Gtk2 perl module) (closes MS #2004)
-  * untaint input uids (closes MS #2270)
+  * Filter incoming uids to match a strict regex (closes MS #2270)
+  * Trivially untaint the environment for the single child process
+    (closes MS #2461)
 
- -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Sat, 02 Oct 2010 23:54:11 -0400
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Mon, 04 Oct 2010 01:06:52 -0400
 
 msva-perl (0.3) upstream;
 

diff --git a/Crypt/Monkeysphere/MSVA.pm b/Crypt/Monkeysphere/MSVA.pm
index 0be02f83af119155cf952e8a99ff041750a949ea..a3ccff53221d6c409d7a6fd0cc97cfac3a44491f 100755 (executable)
--- a/Crypt/Monkeysphere/MSVA.pm
+++ b/Crypt/Monkeysphere/MSVA.pm
@@ -594,7 +594,11 @@
           for my $arg (@ARGV) {
             msvalog('verbose', " %s\n", $arg);
           }
-          $ENV{PATH} = untaint($ENV{PATH});
+          # untaint the environment for the subprocess
+          # see: https://labs.riseup.net/code/issues/2461
+          foreach my $e (keys %ENV) {
+            $ENV{$e} = untaint($ENV{$e});
+          }
           my @args;
           foreach (@ARGV) {
             push @args, untaint($_);