reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges

We can't cleanup the environment like e.g. sudo would do as you usually
want the environment to "leak" into these helpers, but some variables
like HOME should really not have still the value of the root user – it
could confuse the helpers (USER) and HOME isn't accessible anyhow.

Closes: 842877
(cherry picked from commit 34b491e735ad47c4805e63f3b83a659b8d10262b)
(cherry picked from commit cc5919076ba1c2dab773a6c06cb3dd5497f0c656)

2 files changed, 33 insertions, 0 deletions

diff --git a/test/interactive-helper/aptdropprivs.cc b/test/interactive-helper/aptdropprivs.cc
new file mode 100644
index 000000000..1cc04f36a
--- /dev/null
+++ b/test/interactive-helper/aptdropprivs.cc
@@ -0,0 +1,27 @@
+#include <config.h>
+
+#include <apt-pkg/cmndline.h>
+#include <apt-pkg/configuration.h>
+#include <apt-pkg/error.h>
+#include <apt-pkg/fileutl.h>
+
+#include <unistd.h>
+
+int main(int const argc, const char * argv[])
+{
+   CommandLine::Args Args[] = {
+      {'c',"config-file",0,CommandLine::ConfigFile},
+      {'o',"option",0,CommandLine::ArbItem},
+      {0, "user", "APT::Sandbox::User", CommandLine::HasArg},
+      {0,0,0,0}
+   };
+
+   CommandLine CmdL(Args, _config);
+   if(CmdL.Parse(argc,argv) == false || DropPrivileges() == false)
+   {
+      _error->DumpErrors(std::cerr, GlobalError::DEBUG);
+      return 42;
+   }
+
+   return execv(CmdL.FileList[0], const_cast<char**>(CmdL.FileList));
+}
diff --git a/test/interactive-helper/makefile b/test/interactive-helper/makefile
index 096767c41..450308ca7 100644
--- a/test/interactive-helper/makefile
+++ b/test/interactive-helper/makefile
@@ -51,3 +51,9 @@ SLIBS = -lapt-pkg -lpthread
 LIB_MAKES = apt-pkg/makefile
 SOURCE = aptwebserver.cc
 include $(PROGRAM_H)
+
+# Program for testing privileges
+PROGRAM=aptdropprivs
+SLIBS = -lapt-pkg
+SOURCE = aptdropprivs.cc
+include $(PROGRAM_H)