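// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// This is a list of environment variables which the ELF loader unsets when
// loading a SUID binary. Because they are unset rather than just ignored, they
// aren't passed to child processes of SUID processes either.
//
// We need to save these environment variables before running a SUID sandbox
// and restore them before running child processes (but after dropping root).
//
// List gathered from glibc sources (00ebd7ed58df389a78e41dece058048725cb585e):
//   sysdeps/unix/sysv/linux/i386/dl-librecon.h
//   sysdeps/generic/unsecvars.h
//
// NOTE(review): the list is a snapshot of the glibc revision named above.
// Variables that other glibc revisions unset are not covered, so re-check it
// against unsecvars.h when the supported glibc range changes.
//
// The saved values come from the invoking user's environment. They must only
// be restored once root has been dropped, as described above; restoring them
// while still privileged would defeat the loader's scrubbing.

#ifndef SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_
#define SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_

#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>  // malloc
#include <string.h>  // memcpy, strlen

// NULL-terminated table: iterate until the NULL sentinel rather than relying
// on an element count.
static const char* const kSUIDUnsafeEnvironmentVariables[] = {
  "LD_AOUT_LIBRARY_PATH",
  "LD_AOUT_PRELOAD",
  "GCONV_PATH",
  "GETCONF_DIR",
  "HOSTALIASES",
  "LD_AUDIT",
  "LD_DEBUG",
  "LD_DEBUG_OUTPUT",
  "LD_DYNAMIC_WEAK",
  "LD_LIBRARY_PATH",
  "LD_ORIGIN_PATH",
  "LD_PRELOAD",
  "LD_PROFILE",
  "LD_SHOW_AUXV",
  "LD_USE_LOAD_BIAS",
  "LOCALDOMAIN",
  "LOCPATH",
  "MALLOC_TRACE",
  "NIS_PATH",
  "NLSPATH",
  "RESOLV_HOST_CONF",
  "RES_OPTIONS",
  "TMPDIR",
  "TZDIR",
  NULL,
};

// Return a malloc allocated string containing the 'saved' environment variable
// name for a given environment variable, i.e. "SANDBOX_" followed by |envvar|.
//
// envvar: NUL-terminated variable name. A NULL pointer is rejected.
//
// Returns NULL if |envvar| is NULL, if the combined length would overflow
// size_t, or if the allocation fails. On success the caller owns the returned
// buffer and must release it with free().
static inline char* SandboxSavedEnvironmentVariable(const char* envvar) {
  static const char kSavedPrefix[] = "SANDBOX_";
  // sizeof counts the NUL terminator of the literal; the prefix itself is one
  // byte shorter.
  const size_t prefix_len = sizeof(kSavedPrefix) - 1;
  const size_t kMaxSizeT = (size_t) -1;

  // strlen(NULL) is undefined behaviour, so fail the same way as the other
  // error paths instead of dereferencing it.
  if (!envvar)
    return NULL;

  const size_t envvar_len = strlen(envvar);

  // Refuse lengths for which prefix + name + NUL terminator would wrap
  // around size_t and yield an undersized allocation.
  if (envvar_len > kMaxSizeT - 1 - prefix_len)
    return NULL;

  const size_t saved_envvarlen = prefix_len + envvar_len + 1 /* NUL */;
  // The explicit cast is not needed in C; presumably it is kept so that the
  // header also builds when included from C++ (TODO confirm).
  char* const saved_envvar = (char*) malloc(saved_envvarlen);
  if (!saved_envvar)
    return NULL;

  memcpy(saved_envvar, kSavedPrefix, prefix_len);
  memcpy(saved_envvar + prefix_len, envvar, envvar_len);
  saved_envvar[prefix_len + envvar_len] = 0;

  return saved_envvar;
}

#endif  // SANDBOX_LINUX_SUID_COMMON_SUID_UNSAFE_ENVIRONMENT_VARIABLES_H_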