Wiki TODO Entry: check usage of setenv()
Matthew Dillon
dillon at apollo.backplane.com
Wed Aug 10 10:43:01 PDT 2005
:On 10.08.2005, at 13:35, Gordon Bergling wrote:
:> on http://wiki.dragonflybsd.org/index.php/SoC are several projects
:> listed. I have some spare time today and would like to take the setenv
:> part.
:
:cool!
:
:> 1. What about src/contrib?
:
:usually don't care, except if it is a set[ug]id binary or a daemon etc.
:At least that's how I see it.
:
:> 2. is something like
:> | if( setenv(....) != 0 )   /* setenv() returns 0 on success, -1 on failure */
:> | {
:> | fprintf(stderr, "Malloc failed!\n");
:> | }
:>
:> enough or is there more to do?
:
:that depends on the context. Maybe the env setting isn't critical, so
:a warning might be sufficient. Maybe setting the variable is an
:absolute must, and a failure demands aborting the execution (I could
:imagine env(1) would be such a candidate).
:
:cheers
: simon
I think all we really should care about are suid/sgid programs. Normal
programs... I don't think it matters. setenv() should basically never
fail, anyway.
Alternatively we could use our varsym support to set security levels for
libc. So, e.g. setenv() would abort the program if it failed due to
being unable to allocate memory. Only libc would need to be changed.
In fact, I'd like to use varsyms to deal with the malloc() flags as well,
and get rid of /etc/malloc.conf.
There are a number of library calls that fall into the 'pretty much must
always succeed or there is something seriously wrong with the program
or environment' that could use the same treatment.
-Matt
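The warn-versus-abort policy Simon and Matt describe, as an added C example that is not code from the thread or from DragonFly's libc; checked_setenv, setenv_policy and the variable names are hypothetical, and the failing call relies on setenv() rejecting a name containing '=' with EINVAL.

```c
/* Added example: check setenv()'s return value (0 on success, -1 with
 * errno set) and apply a per-variable policy: warn for optional
 * variables, exit for ones the program cannot run without. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum setenv_policy {
    SETENV_WARN,   /* report the failure and keep going */
    SETENV_FATAL   /* the variable is required: exit instead of running without it */
};

/* Returns 0 on success, -1 on a non-fatal failure (errno preserved). */
static int
checked_setenv(const char *name, const char *value, enum setenv_policy policy)
{
    if (setenv(name, value, 1) == 0)
        return 0;

    /* Failure: ENOMEM (allocation) or EINVAL (bad name); say which. */
    int saved = errno;
    fprintf(stderr, "setenv(%s): %s\n", name, strerror(saved));
    if (policy == SETENV_FATAL)
        exit(EXIT_FAILURE);
    errno = saved;
    return -1;
}

/* Returns 1 if name is set to exactly value in the environment, else 0. */
static int
env_equals(const char *name, const char *value)
{
    const char *v = getenv(name);
    return v != NULL && strcmp(v, value) == 0;
}

int
main(void)
{
    /* Optional variable: a failure would only be reported. */
    checked_setenv("SOC_OPTIONAL", "1", SETENV_WARN);
    /* Hypothetical bad name: setenv() fails with EINVAL, and under
     * SETENV_WARN the program keeps running. */
    int rc = checked_setenv("BAD=NAME", "x", SETENV_WARN);
    printf("optional set: %d, bad name rc: %d\n",
           env_equals("SOC_OPTIONAL", "1"), rc);
    return 0;
}
```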