summaryrefslogtreecommitdiff
path: root/sandbox/linux/suid/common/suid_unsafe_environment_variables.h
diff options
context:
space:
mode:
authorHidehiko Abe <hidehiko@google.com>2018-02-07 17:03:55 +0900
committerTreehugger Robot <treehugger-gerrit@google.com>2018-02-08 01:30:36 +0000
commit7245dd98b3ecdda3e0be84e9477d9e0ab5fdc47b (patch)
tree93f1e1795cacfa1dfd6173ffe2ec8e1e0071b572 /sandbox/linux/suid/common/suid_unsafe_environment_variables.h
parent3604103cc05b01464fcb9eee079a5ac5f73174ba (diff)
downloadlibchrome-7245dd98b3ecdda3e0be84e9477d9e0ab5fdc47b.tar.gz
Remove sandbox/.
The sandbox/ used be used only in ChromeOS. Nowadays, it is no longer used, so remove it from the repository. cf) https://chromium-review.googlesource.com/c/aosp/platform/external/libchrome/+/903207 Bug: None Test: Build via Treehugger. Change-Id: I52b79bc2caa8d807cb7a5c37498e3a8b340a625f
Diffstat (limited to 'sandbox/linux/suid/common/suid_unsafe_environment_variables.h')
-rw-r--r--sandbox/linux/suid/common/suid_unsafe_environment_variables.h74
1 files changed, 0 insertions, 74 deletions
diff --git a/sandbox/linux/suid/common/suid_unsafe_environment_variables.h b/sandbox/linux/suid/common/suid_unsafe_environment_variables.h
deleted file mode 100644
index e955e0c9c4..0000000000
--- a/sandbox/linux/suid/common/suid_unsafe_environment_variables.h
+++ /dev/null
@@ -1,74 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-// This is a list of environment variables which the ELF loader unsets when
-// loading a SUID binary. Because they are unset rather than just ignored, they
-// aren't passed to child processes of SUID processes either.
-//
-// We need to save these environment variables before running a SUID sandbox
-// and restore them before running child processes (but after dropping root).
-//
-// List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e):
-// sysdeps/unix/sysv/linux/i386/dl-librecon.h
-// sysdeps/generic/unsecvars.h
-
-#ifndef SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
-#define SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
-
-#include <stddef.h>
-#include <stdint.h>
-#include <stdlib.h> // malloc
-#include <string.h> // memcpy
-
-static const char* const kSUIDUnsafeEnvironmentVariables[] = {
- "LD_AOUT_LIBRARY_PATH",
- "LD_AOUT_PRELOAD",
- "GCONV_PATH",
- "GETCONF_DIR",
- "HOSTALIASES",
- "LD_AUDIT",
- "LD_DEBUG",
- "LD_DEBUG_OUTPUT",
- "LD_DYNAMIC_WEAK",
- "LD_LIBRARY_PATH",
- "LD_ORIGIN_PATH",
- "LD_PRELOAD",
- "LD_PROFILE",
- "LD_SHOW_AUXV",
- "LD_USE_LOAD_BIAS",
- "LOCALDOMAIN",
- "LOCPATH",
- "MALLOC_TRACE",
- "NIS_PATH",
- "NLSPATH",
- "RESOLV_HOST_CONF",
- "RES_OPTIONS",
- "TMPDIR",
- "TZDIR",
- NULL,
-};
-
-// Return a malloc allocated string containing the 'saved' environment variable
-// name for a given environment variable.
-static inline char* SandboxSavedEnvironmentVariable(const char* envvar) {
- const size_t envvar_len = strlen(envvar);
- const size_t kMaxSizeT = (size_t) -1;
-
- if (envvar_len > kMaxSizeT - 1 - 8)
- return NULL;
-
- const size_t saved_envvarlen = envvar_len + 1 /* NUL terminator */ +
- 8 /* strlen("SANDBOX_") */;
- char* const saved_envvar = (char*) malloc(saved_envvarlen);
- if (!saved_envvar)
- return NULL;
-
- memcpy(saved_envvar, "SANDBOX_", 8);
- memcpy(saved_envvar + 8, envvar, envvar_len);
- saved_envvar[8 + envvar_len] = 0;
-
- return saved_envvar;
-}
-
-#endif // SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 15:15:17 +0000