diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2013-08-04 09:56:56 -0700 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2013-08-04 09:56:56 -0700 |
| commit | e0fdb6943066032db294720915c3bd644bf2bcd1 (patch) | |
| tree | 0aa420b81dc0187e2efec3ff4fe3cf046ad1c598 /lib/secure_getenv.c | |
| parent | 484ab23924d39b3e26d54074fd659633e1660ef4 (diff) | |
| download | emacs-e0fdb6943066032db294720915c3bd644bf2bcd1.tar.gz emacs-e0fdb6943066032db294720915c3bd644bf2bcd1.tar.bz2 emacs-e0fdb6943066032db294720915c3bd644bf2bcd1.zip | |
Fix some minor races in hosts lacking mkostemp.
Gnulib's emulation of mkostemp doesn't have races that Emacs's does.
* configure.ac (mkostemp): Remove check for this function;
gnulib does the check now.
(mkstemp): Remove check for this no-longer-used function.
* lib/mkostemp.c, lib/secure_getenv.c, lib/tempname.c, lib/tempname.h:
* m4/mkostemp.m4, m4/secure_getenv.m4, m4/tempname.m4:
New files, copied from Gnulib.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* admin/merge-gnulib (GNULIB_MODULES): Add mkostemp.
* lib-src/movemail.c (main):
* lib-src/update-game-score.c (write_scores):
Use mkostemp (which now works on all platforms, due to changes
in the portability layer) rather than mktemp (which has a race)
or mkstemp (which we no longer bother with).
* src/callproc.c (create_temp_file):
* src/filelock.c (create_lock_file):
Assume mkostemp, since it's now provided by Gnulib.
Fixes: debbugs:15015
Diffstat (limited to 'lib/secure_getenv.c')
| -rw-r--r-- | lib/secure_getenv.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/lib/secure_getenv.c b/lib/secure_getenv.c new file mode 100644 index 00000000000..6c11c5e0edb --- /dev/null +++ b/lib/secure_getenv.c @@ -0,0 +1,41 @@ +/* Look up an environment variable more securely. + + Copyright 2013 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify it + under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. */ + +#include <config.h> + +#include <stdlib.h> + +#if !HAVE___SECURE_GETENV +# if HAVE_ISSETUGID +# include <unistd.h> +# else +# undef issetugid +# define issetugid() 1 +# endif +#endif + +char * +secure_getenv (char const *name) +{ +#if HAVE___SECURE_GETENV + return __secure_getenv (name); +#else + if (issetugid ()) + return 0; + return getenv (name); +#endif +} |