#include <string.h>
#include <sys/file.h>
-extern char **environ;
char *newenviron[$#envsave+6];
int i=0;
$envsave
newenviron[i++]="HOME=$ENV{HOME}";
newenviron[i++]="WRAPPED_OPTIONS=$configstring";
- newenviron[i]=NULL;
- environ=newenviron;
+
+ if (clearenv() != 0) {
+ perror("clearenv");
+ exit(1);
+ }
+ for (; i>0; i--)
+ putenv(newenviron[i-1]);
if (setregid(getegid(), -1) != 0 &&
setregid(getegid(), -1) != 0) {
wiki source files, such as .htaccess, that would normally be skipped
for security or other reasons. Closes: #447267
(Thanks to Aaron Wilson for the original patch.)
+ * Allow wrappers to be built using tcc.
-- Joey Hess <joeyh@debian.org> Sat, 13 Mar 2010 14:48:10 -0500
versions: Debian lenny + backports
-
-
-
+> Seems that tcc does not respect changing where `environ` points as a way
+> to change the environment seen after `exec`
+>
+> Given that the man page for `clearenv` suggests using `environ=NULL`
+> if `clearenv` is not available, I would be lerry or using tcc to compile
+> stuff, since that could easily lead to a security compromise of code that
+> expects that to work. However, I have fixed ikiwiki to use `clearenv`.
+> --[[Joey]] [[done]]
projects / ikiwiki.git / commitdiff