oss-sec mailing list archives

Re: libdbus hardening


From: Ludwig Nussel <ludwig.nussel () suse de>
Date: Mon, 30 Jul 2012 10:59:59 +0200

Florian Weimer wrote:
> On 07/17/2012 12:08 PM, Florian Weimer wrote:
>
>> Note that GNU libc will likely change the name to secure_getenv.
>> Upstream does not want to document __secure_getenv as-is.
>
> This will be part of glibc 2.17.  autoconf instructions are available here:
>
> <http://sourceware.org/glibc/wiki/Tips_and_Tricks/secure_getenv>

Now the next step would be to make glibc automatically use secure_getenv
when running setuid root and require programs to explicitly call
insecure_getenv() or something like that :-)

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) 
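
An added illustration, not part of the original message or of libdbus: a C wrapper a library could use to read environment overrides through secure_getenv on glibc 2.17 or later, with a real/effective id comparison as fallback. The names lib_getenv, fallback_secure_getenv, ids_differ and DEMO_PLUGIN_DIR are hypothetical, and the glibc version test stands in for the autoconf check mentioned in the thread.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

#if defined(__GLIBC__) && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 17))
#define HAVE_SECURE_GETENV 1
/* Declared explicitly so the build does not depend on _GNU_SOURCE
 * having been defined before the first system header was included. */
extern char *secure_getenv(const char *name);
#endif

/* Hypothetical helper: true when real and effective ids differ,
 * i.e. the process was started setuid or setgid. */
int ids_differ(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Fallback for C libraries without secure_getenv. It is weaker than
 * glibc's check, which is driven by AT_SECURE and therefore also
 * covers cases such as binaries with file capabilities. */
char *fallback_secure_getenv(const char *name)
{
    if (ids_differ(getuid(), geteuid(), getgid(), getegid()))
        return NULL;            /* privileged: ignore the environment */
    return getenv(name);
}

/* The single entry point library code should use for env overrides. */
char *lib_getenv(const char *name)
{
#ifdef HAVE_SECURE_GETENV
    return secure_getenv(name);
#else
    return fallback_secure_getenv(name);
#endif
}

int main(void)
{
    /* DEMO_PLUGIN_DIR is a constructed variable name for this example. */
    const char *dir = lib_getenv("DEMO_PLUGIN_DIR");
    printf("plugin dir: %s\n", dir ? dir : "(built-in default)");
    return 0;
}
```

In an ordinary process lib_getenv behaves like getenv; in a setuid or setgid process it returns NULL, so the library falls back to its built-in default.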

