diff options
| author | Lennart Poettering <lennart@poettering.net> | 2012-08-23 18:47:01 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2012-09-03 18:59:04 -0700 |
| commit | 88fae6e0441d4195e089434f07d3e7fd811d6297 (patch) | |
| tree | f5117932fa7dbf0e7cec4a11d01b87ca521623aa /TODO | |
| parent | fe1fed02c7637a2c18cd575f78be7fda27972148 (diff) | |
shared: in code that might get called from suid programs use __secure_getenv() rather than getenv()
It's better to be safe than sorry.
Diffstat (limited to 'TODO')
| -rw-r--r-- | TODO | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -65,8 +65,6 @@ Features: * maybe make systemd-detect-virt suid? or use fscaps? -* consider using __secure_getenv() instead of getenv() in libs - * man: document in ExecStart= explicitly that we don't take shell command lines, only executable names with arguments * shutdown: don't read-only mount anything when running in container @@ -505,6 +503,8 @@ Regularly: * set_put(), hashmap_put() return values check. i.e. == 0 doesn't free()! +* use __secure_getenv() instead of getenv() where appropriate + Scheduled for removal (or fixing): * xxxOverridable dependencies |