Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit

Add secure_getenv() support

On systems with secure_getenv() (glibc 2.17+) use it directly. For
the fallback implementation, check the current process uids and gids
in a library initializer, looking at the saved uid and gid where
possible. Include a comment about more aggressive approaches to
detecting elevated privilege.

https://github.com/krb5/krb5/commit/ff71934f40afd4ae536638fa626fcd9ab36daf75
Author: Greg Hudson <ghudson@mit.edu>
Commit: ff71934f40afd4ae536638fa626fcd9ab36daf75
Branch: master
src/configure.ac | 16 +++++-
src/include/k5-platform.h | 9 +++
src/util/support/Makefile.in | 16 ++++--
src/util/support/secure_getenv.c | 111 ++++++++++++++++++++++++++++++++++++++
4 files changed, 146 insertions(+), 6 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Use secure_getenv() where appropriate

https://github.com/krb5/krb5/commit/d439e370b70f7af4ed2da9c692a3be7dcf7b4ac6
Author: Greg Hudson <ghudson@mit.edu>
Commit: d439e370b70f7af4ed2da9c692a3be7dcf7b4ac6
Branch: master
src/lib/kadm5/alt_prof.c | 2 +-
src/lib/krb5/ccache/ccselect_k5identity.c | 2 +-
src/lib/krb5/os/ccdefname.c | 2 +-
src/lib/krb5/os/expand_path.c | 2 +-
src/lib/krb5/os/init_os_ctx.c | 6 +++---
src/lib/krb5/os/ktdefname.c | 4 ++--
src/lib/krb5/os/trace.c | 2 +-
src/lib/krb5/rcache/rc_base.c | 4 ++--
src/lib/krb5/rcache/rc_io.c | 4 ++--
src/plugins/preauth/pkinit/pkinit_identity.c | 11 +++--------
src/plugins/tls/k5tls/openssl.c | 2 +-
src/util/profile/prof_file.c | 2 +-
12 files changed, 19 insertions(+), 24 deletions(-)