diff options
author | Hidehiko Abe <hidehiko@google.com> | 2018-02-07 17:03:55 +0900 |
---|---|---|
committer | Treehugger Robot <treehugger-gerrit@google.com> | 2018-02-08 01:30:36 +0000 |
commit | 7245dd98b3ecdda3e0be84e9477d9e0ab5fdc47b (patch) | |
tree | 93f1e1795cacfa1dfd6173ffe2ec8e1e0071b572 /sandbox/linux/suid/common/suid_unsafe_environment_variables.h | |
parent | 3604103cc05b01464fcb9eee079a5ac5f73174ba (diff) | |
download | libchrome-7245dd98b3ecdda3e0be84e9477d9e0ab5fdc47b.tar.gz |
Remove sandbox/.
The sandbox/ used be used only in ChromeOS.
Nowadays, it is no longer used, so remove it from the repository.
cf) https://chromium-review.googlesource.com/c/aosp/platform/external/libchrome/+/903207
Bug: None
Test: Build via Treehugger.
Change-Id: I52b79bc2caa8d807cb7a5c37498e3a8b340a625f
Diffstat (limited to 'sandbox/linux/suid/common/suid_unsafe_environment_variables.h')
-rw-r--r-- | sandbox/linux/suid/common/suid_unsafe_environment_variables.h | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/sandbox/linux/suid/common/suid_unsafe_environment_variables.h b/sandbox/linux/suid/common/suid_unsafe_environment_variables.h deleted file mode 100644 index e955e0c9c4..0000000000 --- a/sandbox/linux/suid/common/suid_unsafe_environment_variables.h +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -// This is a list of environment variables which the ELF loader unsets when -// loading a SUID binary. Because they are unset rather than just ignored, they -// aren't passed to child processes of SUID processes either. -// -// We need to save these environment variables before running a SUID sandbox -// and restore them before running child processes (but after dropping root). -// -// List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e): -// sysdeps/unix/sysv/linux/i386/dl-librecon.h -// sysdeps/generic/unsecvars.h - -#ifndef SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_ -#define SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_ - -#include <stddef.h> -#include <stdint.h> -#include <stdlib.h> // malloc -#include <string.h> // memcpy - -static const char* const kSUIDUnsafeEnvironmentVariables[] = { - "LD_AOUT_LIBRARY_PATH", - "LD_AOUT_PRELOAD", - "GCONV_PATH", - "GETCONF_DIR", - "HOSTALIASES", - "LD_AUDIT", - "LD_DEBUG", - "LD_DEBUG_OUTPUT", - "LD_DYNAMIC_WEAK", - "LD_LIBRARY_PATH", - "LD_ORIGIN_PATH", - "LD_PRELOAD", - "LD_PROFILE", - "LD_SHOW_AUXV", - "LD_USE_LOAD_BIAS", - "LOCALDOMAIN", - "LOCPATH", - "MALLOC_TRACE", - "NIS_PATH", - "NLSPATH", - "RESOLV_HOST_CONF", - "RES_OPTIONS", - "TMPDIR", - "TZDIR", - NULL, -}; - -// Return a malloc allocated string containing the 'saved' environment variable -// name for a given environment variable. -static inline char* SandboxSavedEnvironmentVariable(const char* envvar) { - const size_t envvar_len = strlen(envvar); - const size_t kMaxSizeT = (size_t) -1; - - if (envvar_len > kMaxSizeT - 1 - 8) - return NULL; - - const size_t saved_envvarlen = envvar_len + 1 /* NUL terminator */ + - 8 /* strlen("SANDBOX_") */; - char* const saved_envvar = (char*) malloc(saved_envvarlen); - if (!saved_envvar) - return NULL; - - memcpy(saved_envvar, "SANDBOX_", 8); - memcpy(saved_envvar + 8, envvar, envvar_len); - saved_envvar[8 + envvar_len] = 0; - - return saved_envvar; -} - -#endif // SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_ |