better document perils of setuid getenv and xr with issetugid

ok deraadt
author: tedu <> 2014-07-11 09:24:03 +0000
committer: tedu <> 2014-07-11 09:24:03 +0000
commit: 4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6 (patch)
tree: 339b6811d9d3ae49bbc421203d8967d658bbb125 /src/lib/libc
parent: 3496a8589fa0454648b85a78bcc241a5c1d89735 (diff)
download: openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.tar.gz
openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.tar.bz2
openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.zip
1 files changed, 10 insertions, 2 deletions
diff --git a/src/lib/libc/stdlib/getenv.3 b/src/lib/libc/stdlib/getenv.3
index 2333559516..ce2ef43b6f 100644
--- a/src/lib/libc/stdlib/getenv.3
+++ b/src/lib/libc/stdlib/getenv.3
@@ -29,9 +29,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"     $OpenBSD: getenv.3,v 1.20 2014/04/21 08:46:59 guenther Exp $
+.\"     $OpenBSD: getenv.3,v 1.21 2014/07/11 09:24:03 tedu Exp $
 .\"
-.Dd $Mdocdate: April 21 2014 $
+.Dd $Mdocdate: July 11 2014 $
 .Dt GETENV 3
 .Os
 .Sh NAME
@@ -145,6 +145,7 @@ function failed because it was unable to allocate memory for the environment.
 .Xr csh 1 ,
 .Xr sh 1 ,
 .Xr execve 2 ,
+.Xr issetugid 2 ,
 .Xr environ 7
 .Sh STANDARDS
 The
@@ -175,3 +176,10 @@ The
 .Fn putenv
 function appeared in
 .Bx 4.3 Reno .
+.Sh CAVEATS
+Library code must be careful about using
+.Fn getenv
+to read untrusted environment variables in setuid programs.
+The
+.Fn issetugid
+function is provided for this purpose.
author	tedu <>	2014-07-11 09:24:03 +0000
committer	tedu <>	2014-07-11 09:24:03 +0000
commit	4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6 (patch)
tree	339b6811d9d3ae49bbc421203d8967d658bbb125 /src/lib/libc
parent	3496a8589fa0454648b85a78bcc241a5c1d89735 (diff)
download	openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.tar.gz openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.tar.bz2 openbsd-4b550e7e97a6068d5f18fbfc47b22d8b4faa4ff6.zip

diff --git a/src/lib/libc/stdlib/getenv.3 b/src/lib/libc/stdlib/getenv.3 index 2333559516..ce2ef43b6f 100644 --- a/src/lib/libc/stdlib/getenv.3 +++ b/src/lib/libc/stdlib/getenv.3
@@ -29,9 +29,9 @@
29	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF	29	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30	.\" SUCH DAMAGE.	30	.\" SUCH DAMAGE.
31	.\"	31	.\"
32	.\" $OpenBSD: getenv.3,v 1.20 2014/04/21 08:46:59 guenther Exp $	32	.\" $OpenBSD: getenv.3,v 1.21 2014/07/11 09:24:03 tedu Exp $
33	.\"	33	.\"
34	.Dd $Mdocdate: April 21 2014 $	34	.Dd $Mdocdate: July 11 2014 $
35	.Dt GETENV 3	35	.Dt GETENV 3
36	.Os	36	.Os
37	.Sh NAME	37	.Sh NAME
@@ -145,6 +145,7 @@ function failed because it was unable to allocate memory for the environment.
145	.Xr csh 1 ,	145	.Xr csh 1 ,
146	.Xr sh 1 ,	146	.Xr sh 1 ,
147	.Xr execve 2 ,	147	.Xr execve 2 ,
		148	.Xr issetugid 2 ,
148	.Xr environ 7	149	.Xr environ 7
149	.Sh STANDARDS	150	.Sh STANDARDS
150	The	151	The
@@ -175,3 +176,10 @@ The
175	.Fn putenv	176	.Fn putenv
176	function appeared in	177	function appeared in
177	.Bx 4.3 Reno .	178	.Bx 4.3 Reno .
		179	.Sh CAVEATS
		180	Library code must be careful about using
		181	.Fn getenv
		182	to read untrusted environment variables in setuid programs.
		183	The
		184	.Fn issetugid
		185	function is provided for this purpose.