diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-17 21:36:28 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-17 21:36:28 +0000 |
| commit | 6322c471382ebb52b1fa47ad83ff629bff9d4672 (patch) | |
| tree | 7e77aaa05c6ef360baafc2a73eb0e5d18eb39814 /chrome | |
| parent | ca97a26cb1e8997126a7c94422725fc3507015fd (diff) | |
| download | chromium_src-6322c471382ebb52b1fa47ad83ff629bff9d4672.zip chromium_src-6322c471382ebb52b1fa47ad83ff629bff9d4672.tar.gz chromium_src-6322c471382ebb52b1fa47ad83ff629bff9d4672.tar.bz2 | |
Linux sandbox: save full list of SUID unsafe environment variables.
r20733 added code to save LD_LIBRARY_PATH when using the SUID sandbox.
That fixed a P0, show-stopper bug, however, LD_LIBRARY_PATH isn't the
only variable which is stomped when using SUID binaries. This patch
extends support to all variables that we so affected.
BUG=16815
http://codereview.chromium.org/159025
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@21009 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/browser/zygote_host_linux.cc | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc index dad473b..b055834 100644 --- a/chrome/browser/zygote_host_linux.cc +++ b/chrome/browser/zygote_host_linux.cc @@ -22,6 +22,29 @@ #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_switches.h" +#include "sandbox/linux/suid/suid_unsafe_environment_variables.h" + +static void SaveSUIDUnsafeEnvironmentVariables() { + // The ELF loader will clear many environment variables so we save them to + // different names here so that the SUID sandbox can resolve them for the + // renderer. + + for (unsigned i = 0; kSUIDUnsafeEnvironmentVariables[i]; ++i) { + const char* const envvar = kSUIDUnsafeEnvironmentVariables[i]; + char* const saved_envvar = SandboxSavedEnvironmentVariable(envvar); + if (!saved_envvar) + continue; + + const char* const value = getenv(envvar); + if (value) + setenv(saved_envvar, value, 1 /* overwrite */); + else + unsetenv(saved_envvar); + + free(saved_envvar); + } +} + ZygoteHost::ZygoteHost() { std::wstring chrome_path; CHECK(PathService::Get(base::FILE_EXE, &chrome_path)); @@ -64,12 +87,7 @@ ZygoteHost::ZygoteHost() { (st.st_mode & S_IXOTH)) { cmd_line.PrependWrapper(ASCIIToWide(sandbox_binary)); - // SUID binaries clear LD_LIBRARY_PATH. However, the sandbox binary needs - // to run its child processes with the correct LD_LIBRARY_PATH so we save - // a copy here: - const char* ld_library_path = getenv("LD_LIBRARY_PATH"); - if (ld_library_path) - setenv("SANDBOX_LD_LIBRARY_PATH", ld_library_path, 1 /* overwrite */); + SaveSUIDUnsafeEnvironmentVariables(); } else { LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " "configured correctly. Rather than run without sandboxing " |