diff options
author | Luke Shumaker <LukeShu@sbcglobal.net> | 2014-06-24 17:20:11 -0400 |
---|---|---|
committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2014-06-24 17:20:11 -0400 |
commit | 68116faceb731829569ab4f2e21d2c62682107ef (patch) | |
tree | 2f82b87adf342fb1f4833f2eddfad7790a244cfc /parabolaweb-changepassword.c | |
parent | 0baf1c6fb8709add509ef4695048f4fcd4fd34bf (diff) |
I stand by my last statementv20140624.2
Diffstat (limited to 'parabolaweb-changepassword.c')
-rw-r--r-- | parabolaweb-changepassword.c | 46 |
1 files changed, 28 insertions, 18 deletions
diff --git a/parabolaweb-changepassword.c b/parabolaweb-changepassword.c index 29637da..96c89ed 100644 --- a/parabolaweb-changepassword.c +++ b/parabolaweb-changepassword.c @@ -56,27 +56,37 @@ sanitize_environment() char *a = NULL; struct passwd *user = NULL; - const char *env_term = getenv("TERM"); - const char *env_lang = getenv("LANG"); - const char *env_lc_all = getenv("LC_ALL"); - const char *env_lc_collate = getenv("LC_COLLATE"); - const char *env_lc_ctype = getenv("LC_CTIME"); - const char *env_lc_messages = getenv("LC_MESSAGES"); - const char *env_lc_monetary = getenv("LC_MONETARY"); - const char *env_lc_numeric = getenv("LC_NUMERIC"); - const char *env_lc_time = getenv("LC_TIME"); + const char *env_term = getenv("TERM" ); + const char *env_lang = getenv("LANG" ); + const char *env_lc_all = getenv("LC_ALL" ); + const char *env_lc_collate = getenv("LC_COLLATE" ); + const char *env_lc_ctype = getenv("LC_CTYPE" ); + const char *env_lc_messages = getenv("LC_MESSAGES" ); + const char *env_lc_monetary = getenv("LC_MONETARY" ); + const char *env_lc_numeric = getenv("LC_NUMERIC" ); + const char *env_lc_time = getenv("LC_TIME" ); + /* NOTE: In the main program, make sure that SUID_USER is priveleged + before trusting SUDO_* */ + const char *env_sudo_user = getenv("SUDO_USER" ); + const char *env_sudo_uid = getenv("SUDO_UID" ); + const char *env_sudo_gid = getenv("SUDO_GID" ); + const char *env_sudo_command = getenv("SUDO_COMMAND"); clearenv(); - mysetenv("TERM" , env_term ); - mysetenv("LANG" , env_lang ); - mysetenv("LC_ALL" , env_lc_all ); - mysetenv("LC_COLLATE" , env_lc_collate ); - mysetenv("LC_CTIME" , env_lc_ctype ); - mysetenv("LC_MESSAGES", env_lc_messages); - mysetenv("LC_MONETARY", env_lc_monetary); - mysetenv("LC_NUMERIC" , env_lc_numeric ); - mysetenv("LC_TIME" , env_lc_time ); + mysetenv("TERM" , env_term ); + mysetenv("LANG" , env_lang ); + mysetenv("LC_ALL" , env_lc_all ); + mysetenv("LC_COLLATE" , env_lc_collate ); + mysetenv("LC_CTYPE" , env_lc_ctype ); + mysetenv("LC_MESSAGES" , env_lc_messages ); + mysetenv("LC_MONETARY" , env_lc_monetary ); + mysetenv("LC_NUMERIC" , env_lc_numeric ); + mysetenv("LC_TIME" , env_lc_time ); + mysetenv("SUDO_USER" , env_sudo_user ); + mysetenv("SUDO_UID" , env_sudo_uid ); + mysetenv("SUDO_GID" , env_sudo_gid ); + mysetenv("SUDO_COMMAND", env_sudo_command); user = getpwuid(getuid()); /* similar to SUDO_* */ |