Home | History | Annotate | Download | only in common 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 // This is a list of environment variables which the ELF loader unsets when
      6 // loading a SUID binary. Because they are unset rather than just ignored, they
      7 // aren't passed to child processes of SUID processes either.
      8 //
      9 // We need to save these environment variables before running a SUID sandbox
     10 // and restore them before running child processes (but after dropping root).
     11 //
     12 // List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e):
     13 //   sysdeps/unix/sysv/linux/i386/dl-librecon.h
     14 //   sysdeps/generic/unsecvars.h
     15 
     16 #ifndef SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
     17 #define SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
     18 
     19 #include <stdint.h>
     20 #include <stdlib.h>  // malloc
     21 #include <string.h>  // memcpy
     22 
     23 static const char* kSUIDUnsafeEnvironmentVariables[] = {
     24   "LD_AOUT_LIBRARY_PATH",
     25   "LD_AOUT_PRELOAD",
     26   "GCONV_PATH",
     27   "GETCONF_DIR",
     28   "HOSTALIASES",
     29   "LD_AUDIT",
     30   "LD_DEBUG",
     31   "LD_DEBUG_OUTPUT",
     32   "LD_DYNAMIC_WEAK",
     33   "LD_LIBRARY_PATH",
     34   "LD_ORIGIN_PATH",
     35   "LD_PRELOAD",
     36   "LD_PROFILE",
     37   "LD_SHOW_AUXV",
     38   "LD_USE_LOAD_BIAS",
     39   "LOCALDOMAIN",
     40   "LOCPATH",
     41   "MALLOC_TRACE",
     42   "NIS_PATH",
     43   "NLSPATH",
     44   "RESOLV_HOST_CONF",
     45   "RES_OPTIONS",
     46   "TMPDIR",
     47   "TZDIR",
     48   NULL,
     49 };
     50 
     51 // Return a malloc allocated string containing the 'saved' environment variable
     52 // name for a given environment variable.
     53 static inline char* SandboxSavedEnvironmentVariable(const char* envvar) {
     54   const size_t envvar_len = strlen(envvar);
     55   const size_t kMaxSizeT = (size_t) -1;
     56 
     57   if (envvar_len > kMaxSizeT - 1 - 8)
     58     return NULL;
     59 
     60   const size_t saved_envvarlen = envvar_len + 1 /* NUL terminator */ +
     61                                               8 /* strlen("SANDBOX_") */;
     62   char* const saved_envvar = (char*) malloc(saved_envvarlen);
     63   if (!saved_envvar)
     64     return NULL;
     65 
     66   memcpy(saved_envvar, "SANDBOX_", 8);
     67   memcpy(saved_envvar + 8, envvar, envvar_len);
     68   saved_envvar[8 + envvar_len] = 0;
     69 
     70   return saved_envvar;
     71 }
     72 
     73 #endif  // SANDBOX_LINUX_SUID_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
     74