diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2017-09-14 09:20:27 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2017-09-14 09:20:27 +0200 |
commit | 71e0acccfdc32de01e72ea22ece2fb9f0cbce48c (patch) | |
tree | ba132eb58b78c65f84859a08bb5b3d7694235587 /src/nss-mymachines/nss-mymachines.c | |
parent | fe102d6ab15731a199a7ea9f38c4f68d8959f86c (diff) | |
download | systemd-71e0acccfdc32de01e72ea22ece2fb9f0cbce48c.tar.gz |
nss: use secure_getenv for behaviour-modifying booleans (#6817)
Follow up for fe102d6ab15731a199a7ea9f38c4f68d8959f86c.
Diffstat (limited to 'src/nss-mymachines/nss-mymachines.c')
-rw-r--r-- | src/nss-mymachines/nss-mymachines.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c index ea90953abb..6e468853a2 100644 --- a/src/nss-mymachines/nss-mymachines.c +++ b/src/nss-mymachines/nss-mymachines.c @@ -435,7 +435,7 @@ enum nss_status _nss_mymachines_getpwnam_r( if (!machine_name_is_valid(machine)) goto not_found; - if (getenv_bool("SYSTEMD_NSS_BYPASS_BUS") > 0) + if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) /* Make sure we can't deadlock if we are invoked by dbus-daemon. This way, it won't be able to resolve * these UIDs, but that should be unproblematic as containers should never be able to connect to a bus * running on the host. */ @@ -519,7 +519,7 @@ enum nss_status _nss_mymachines_getpwuid_r( if (uid < HOST_UID_LIMIT) goto not_found; - if (getenv_bool("SYSTEMD_NSS_BYPASS_BUS") > 0) + if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) goto not_found; r = sd_bus_open_system(&bus); @@ -613,7 +613,7 @@ enum nss_status _nss_mymachines_getgrnam_r( if (!machine_name_is_valid(machine)) goto not_found; - if (getenv_bool("SYSTEMD_NSS_BYPASS_BUS") > 0) + if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) goto not_found; r = sd_bus_open_system(&bus); @@ -691,7 +691,7 @@ enum nss_status _nss_mymachines_getgrgid_r( if (gid < HOST_GID_LIMIT) goto not_found; - if (getenv_bool("SYSTEMD_NSS_BYPASS_BUS") > 0) + if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) goto not_found; r = sd_bus_open_system(&bus); |