1 files changed, 26 insertions, 0 deletions
diff --git a/libbb/login.c b/libbb/login.c
index 308e1bfed..1af3165b9 100644
--- a/libbb/login.c
+++ b/libbb/login.c
@@ -99,3 +99,29 @@ void print_login_prompt(void)
        fputs(LOGIN, stdout);
        fflush(stdout);
 }
+/* Clear dangerous stuff, set PATH */
+static const char forbid[] ALIGN1 =
+        "ENV" "\0"
+        "BASH_ENV" "\0"
+        "HOME" "\0"
+        "IFS" "\0"
+        "SHELL" "\0"
+        "LD_LIBRARY_PATH" "\0"
+        "LD_PRELOAD" "\0"
+        "LD_TRACE_LOADED_OBJECTS" "\0"
+        "LD_BIND_NOW" "\0"
+        "LD_AOUT_LIBRARY_PATH" "\0"
+        "LD_AOUT_PRELOAD" "\0"
+        "LD_NOWARN" "\0"
+        "LD_KEEPDIR" "\0";
+void sanitize_env_for_suid(void)
+{
+        const char *p = forbid;
+        do {
+                unsetenv(p);
+                p += strlen(p) + 1;
+        } while (*p);
+        putenv((char*)bb_PATH_root_path);
+}

diff --git a/libbb/login.c b/libbb/login.c index 308e1bfed..1af3165b9 100644 --- a/libbb/login.c +++ b/libbb/login.c
@@ -99,3 +99,29 @@ void print_login_prompt(void)
99	fputs(LOGIN, stdout);	99	fputs(LOGIN, stdout);
100	fflush(stdout);	100	fflush(stdout);
101	}	101	}
		102
		103	/* Clear dangerous stuff, set PATH */
		104	static const char forbid[] ALIGN1 =
		105	"ENV" "\0"
		106	"BASH_ENV" "\0"
		107	"HOME" "\0"
		108	"IFS" "\0"
		109	"SHELL" "\0"
		110	"LD_LIBRARY_PATH" "\0"
		111	"LD_PRELOAD" "\0"
		112	"LD_TRACE_LOADED_OBJECTS" "\0"
		113	"LD_BIND_NOW" "\0"
		114	"LD_AOUT_LIBRARY_PATH" "\0"
		115	"LD_AOUT_PRELOAD" "\0"
		116	"LD_NOWARN" "\0"
		117	"LD_KEEPDIR" "\0";
		118
		119	void sanitize_env_for_suid(void)
		120	{
		121	const char *p = forbid;
		122	do {
		123	unsetenv(p);
		124	p += strlen(p) + 1;
		125	} while (*p);
		126	putenv((char*)bb_PATH_root_path);
		127	}