Don't use getenv for critical functions when run as setuid/setgid

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5856)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-04-04 14:45:49 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-04-04 14:45:49 +0200
commit: 284f4f6b70998b2b46dc74c3003c82cb1db0e742 (patch)
tree: b5bf90f6a5a1803c699f182fb756d52e2c0d450a /CHANGES
parent: dc55e4f70f401c5869410d6a0c068c18c3fd53ec (diff)
download: openssl-new-284f4f6b70998b2b46dc74c3003c82cb1db0e742.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index b4d0329491..40b58239d5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
 
+  *) Don't use OPENSSL_ENGINES and OPENSSL_CONF environment values
+     in libcrypto when run as setuid/setgid.
+     [Bernd Edlinger]
+
   *) Added new public header file <openssl/rand_drbg.h> and documentation
      for the RAND_DRBG API. See manual page RAND_DRBG(7) for an overview.
      [Matthias St. Pierre]
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-04-04 14:45:49 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-04-04 14:45:49 +0200
commit	284f4f6b70998b2b46dc74c3003c82cb1db0e742 (patch)
tree	b5bf90f6a5a1803c699f182fb756d52e2c0d450a /CHANGES
parent	dc55e4f70f401c5869410d6a0c068c18c3fd53ec (diff)
download	openssl-new-284f4f6b70998b2b46dc74c3003c82cb1db0e742.tar.gz