oss-sec mailing list archives
Re: libdbus hardening
From: yersinia <yersinia.spiros () gmail com>
Date: Wed, 11 Jul 2012 16:12:09 +0200
Dunno if OT. But exists in other linux libc implementation similar more secure alternatives to getenv ? Thanks 2012/7/11, Solar Designer <solar () openwall com>:
On Wed, Jul 11, 2012 at 11:05:03AM +0200, Sebastian Krahmer wrote:Ok. We are not in a hurry. I added the new patch to https://bugzilla.novell.com/show_bug.cgi?id=697105 using __secure_getenv().You could want to add a #warning after the #else (when __secure_getenv is not detected by the configure script), although I'd prefer these things to be fail-close (build failing if __secure_getenv is expected to be present, but is not detected). This is an issue with security-related autoconf checks in general. Alexander
-- Inviato dal mio dispositivo mobile
Current thread:
- Re: libdbus hardening, (continued)
- Re: libdbus hardening yersinia (Jul 10)
- Re: libdbus hardening Sebastian Krahmer (Jul 10)
- Re: libdbus hardening Solar Designer (Jul 10)
- Re: libdbus hardening Sebastian Krahmer (Jul 10)
- Re: libdbus hardening Solar Designer (Jul 10)
- Re: libdbus hardening Florian Weimer (Jul 11)
- Re: libdbus hardening Tomas Hoger (Sep 13)
- Re: libdbus hardening Sebastian Krahmer (Jul 11)
- Re: libdbus hardening Solar Designer (Jul 11)
- Re: libdbus hardening yersinia (Jul 11)
- Re: libdbus hardening Solar Designer (Jul 17)
- Re: libdbus hardening Florian Weimer (Jul 17)
- Re: libdbus hardening Florian Weimer (Jul 25)
- Re: libdbus hardening yersinia (Jul 26)
- Re: libdbus hardening Ludwig Nussel (Jul 30)
- Re: libdbus hardening Florian Weimer (Jul 30)
- Re: libdbus hardening Ludwig Nussel (Jul 30)
- Re: libdbus hardening Ludwig Nussel (Jul 30)