oss-sec mailing list archives

Re: libdbus hardening

From: Solar Designer <solar () openwall com>
Date: Tue, 17 Jul 2012 14:02:56 +0400

On Wed, Jul 11, 2012 at 04:12:09PM +0200, yersinia wrote:

But exists in other linux libc implementation similar more secure
alternatives to getenv ?


I'm not aware of other Linux libc's having this, but I proposed
__secure_getenv() (as well as OpenBSD'ish issetugid() or/and
__libc_enable_secure) for addition to musl.  (No, I did not write any
code for this.  I merely told Rich and heard back.)  I may be biased,
but I think that musl is the main alternative to glibc on Linux now.

Alexander

Current thread:

Re: libdbus hardening, (continued)
- - - Re: libdbus hardening Sebastian Krahmer (Jul 10)
    - Re: libdbus hardening Solar Designer (Jul 10)
    - Re: libdbus hardening Sebastian Krahmer (Jul 10)
    - Re: libdbus hardening Solar Designer (Jul 10)
    - Re: libdbus hardening Florian Weimer (Jul 11)
    - Re: libdbus hardening Tomas Hoger (Sep 13)
- Re: libdbus hardening Simon McVittie (Jul 10)
  - Re: libdbus hardening Sebastian Krahmer (Jul 11)
    - Re: libdbus hardening Solar Designer (Jul 11)
    - Re: libdbus hardening yersinia (Jul 11)
    - Re: libdbus hardening Solar Designer (Jul 17)
    - Re: libdbus hardening Florian Weimer (Jul 17)
    - Re: libdbus hardening Florian Weimer (Jul 25)
    - Re: libdbus hardening yersinia (Jul 26)
    - Re: libdbus hardening Ludwig Nussel (Jul 30)
    - Re: libdbus hardening Florian Weimer (Jul 30)
    - Re: libdbus hardening Ludwig Nussel (Jul 30)
- Re: libdbus hardening Simon McVittie (Jul 26)
  - Re: libdbus hardening Ludwig Nussel (Jul 30)