mirror of
git://git.code.sf.net/p/cdesktopenv/code
synced 2025-03-09 15:50:02 +00:00
Don't import/export readonly attribute via magic A__z env var
While automagically importing/exporting ksh variable attributes via the environment is probably a misfeature in general (now disabled for POSIX standard mode), doing so with the readonly attribute is particularly problematic. Scripts can take into account the possibility of importing unwanted attributes by unsetting or typesetting variables before using them. But there is no way for a script to get rid of an unwanted imported readonly variable. This is a possible attack vector with no possible mitigation. This commit blocks both the import and the export of the readonly attribute through the environment. I consider it a security fix. src/cmd/ksh93/sh/init.c: env_import_attributes(): - Clear NV_RDONLY from imported attributes before applying them. src/cmd/ksh93/sh/name.c: sh_envgen(): - Remove NV_RDONLY from bitmask defining attributes to export.
This commit is contained in:
Martijn Dekker
parent
f28bce61a7
commit
7954855f21
4 changed files with 10 additions and 1 deletions
3
NEWS
3
NEWS
|
|
@ -12,6 +12,9 @@ Any uppercase BUG_* names are modernish shell bug IDs.
|
|||
3. The -c/--call, -n/--name and -s/--standard options matched all variable
|
||||
names provided by 'getconf -a', even if none were actual matches.
|
||||
|
||||
- The readonly attribute of ksh variables is no longer imported from
|
||||
or exported to other ksh shell instances through the environment.
|
||||
|
||||
2021-04-16:
|
||||
|
||||
- Fixed a bug in emacs mode: after using tab completion to complete the name
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue