summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-11-09 19:15:01 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2016-11-09 19:33:33 +0100
commit34b491e735ad47c4805e63f3b83a659b8d10262b (patch)
tree733fb32936d1fb4a2ec7230c54addb4bcb58e95f /apt-pkg
parent2c30cf43f1c4ab96f3eca849d7eb4923ffed40b1 (diff)
reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges
We can't cleanup the environment like e.g. sudo would do as you usually want the environment to "leak" into these helpers, but some variables like HOME should really not have still the value of the root user – it could confuse the helpers (USER) and HOME isn't accessible anyhow. Closes: 842877
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/contrib/fileutl.cc20
1 files changed, 20 insertions, 0 deletions
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 6c43bed90..d52e9b360 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -3051,6 +3051,26 @@ bool DropPrivileges() /*{{{*/
return _error->Error("Could restore a uid to root, privilege dropping did not work");
}
+ if (_config->FindB("APT::Sandbox::ResetEnvironment", true))
+ {
+ setenv("HOME", pw->pw_dir, 1);
+ setenv("USER", pw->pw_name, 1);
+ setenv("USERNAME", pw->pw_name, 1);
+ setenv("LOGNAME", pw->pw_name, 1);
+ auto const shell = flNotDir(pw->pw_shell);
+ if (shell == "false" || shell == "nologin")
+ setenv("SHELL", "/bin/sh", 1);
+ else
+ setenv("SHELL", pw->pw_shell, 1);
+ auto const tmpdir = getenv("TMPDIR");
+ if (tmpdir != nullptr)
+ {
+ auto const ourtmpdir = GetTempDir();
+ if (ourtmpdir != tmpdir)
+ setenv("TMPDIR", ourtmpdir.c_str(), 1);
+ }
+ }
+
return true;
}
/*}}}*/