diff options
Diffstat (limited to 'gl/secure_getenv.c')
| -rw-r--r-- | gl/secure_getenv.c | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/gl/secure_getenv.c b/gl/secure_getenv.c deleted file mode 100644 index 167d50b807..0000000000 --- a/gl/secure_getenv.c +++ /dev/null @@ -1,54 +0,0 @@ -/* Look up an environment variable, returning NULL in insecure situations. - - Copyright 2013-2016 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published - by the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ - -#include <config.h> - -#include <stdlib.h> - -#if !HAVE___SECURE_GETENV -# if HAVE_ISSETUGID || (HAVE_GETUID && HAVE_GETEUID && HAVE_GETGID && HAVE_GETEGID) -# include <unistd.h> -# endif -#endif - -char * -secure_getenv (char const *name) -{ -#if HAVE___SECURE_GETENV /* glibc */ - return __secure_getenv (name); -#elif HAVE_ISSETUGID /* OS X, FreeBSD, NetBSD, OpenBSD */ - if (issetugid ()) - return NULL; - return getenv (name); -#elif HAVE_GETUID && HAVE_GETEUID && HAVE_GETGID && HAVE_GETEGID /* other Unix */ - if (geteuid () != getuid () || getegid () != getgid ()) - return NULL; - return getenv (name); -#elif (defined _WIN32 || defined __WIN32__) && ! defined __CYGWIN__ /* native Windows */ - /* On native Windows, there is no such concept as setuid or setgid binaries. - - Programs launched as system services have high privileges, but they don't - inherit environment variables from a user. - - Programs launched by a user with "Run as Administrator" have high - privileges and use the environment variables, but the user has been asked - whether he agrees. - - Programs launched by a user without "Run as Administrator" cannot gain - high privileges, therefore there is no risk. */ - return getenv (name); -#else - return NULL; -#endif -} |