| Index: sandbox/linux/suid/suid_unsafe_environment_variables.h
|
| diff --git a/sandbox/linux/suid/suid_unsafe_environment_variables.h b/sandbox/linux/suid/suid_unsafe_environment_variables.h
|
| deleted file mode 100644
|
| index 4e3329f439357308fc227318b30aa09e8c4b2f11..0000000000000000000000000000000000000000
|
| --- a/sandbox/linux/suid/suid_unsafe_environment_variables.h
|
| +++ /dev/null
|
| @@ -1,64 +0,0 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -// This is a list of environment variables which the ELF loader unsets when
|
| -// loading a SUID binary. Because they are unset rather than just ignored, they
|
| -// aren't passed to child processes of SUID processes either.
|
| -//
|
| -// We need to save these environment variables before running a SUID sandbox
|
| -// and restore them before running child processes (but after dropping root).
|
| -//
|
| -// List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e):
|
| -// sysdeps/unix/sysv/linux/i386/dl-librecon.h
|
| -// sysdeps/generic/unsecvars.h
|
| -
|
| -#ifndef SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
|
| -#define SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
|
| -
|
| -static const char* kSUIDUnsafeEnvironmentVariables[] = {
|
| - "LD_AOUT_LIBRARY_PATH",
|
| - "LD_AOUT_PRELOAD",
|
| - "GCONV_PATH",
|
| - "GETCONF_DIR",
|
| - "HOSTALIASES",
|
| - "LD_AUDIT",
|
| - "LD_DEBUG",
|
| - "LD_DEBUG_OUTPUT",
|
| - "LD_DYNAMIC_WEAK",
|
| - "LD_LIBRARY_PATH",
|
| - "LD_ORIGIN_PATH",
|
| - "LD_PRELOAD",
|
| - "LD_PROFILE",
|
| - "LD_SHOW_AUXV",
|
| - "LD_USE_LOAD_BIAS",
|
| - "LOCALDOMAIN",
|
| - "LOCPATH",
|
| - "MALLOC_TRACE",
|
| - "NIS_PATH",
|
| - "NLSPATH",
|
| - "RESOLV_HOST_CONF",
|
| - "RES_OPTIONS",
|
| - "TMPDIR",
|
| - "TZDIR",
|
| - NULL,
|
| -};
|
| -
|
| -// Return a malloc allocated string containing the 'saved' environment variable
|
| -// name for a given environment variable.
|
| -static inline char* SandboxSavedEnvironmentVariable(const char* envvar) {
|
| - const size_t envvar_len = strlen(envvar);
|
| - const size_t saved_envvarlen = envvar_len + 1 /* NUL terminator */ +
|
| - 8 /* strlen("SANDBOX_") */;
|
| - char* const saved_envvar = (char*) malloc(saved_envvarlen);
|
| - if (!saved_envvar)
|
| - return NULL;
|
| -
|
| - memcpy(saved_envvar, "SANDBOX_", 8);
|
| - memcpy(saved_envvar + 8, envvar, envvar_len);
|
| - saved_envvar[8 + envvar_len] = 0;
|
| -
|
| - return saved_envvar;
|
| -}
|
| -
|
| -#endif // SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
|
|
|
Chromium Code Reviews
Issue 10807059:
Refactor the setuid sandbox client code to its own class. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src