authorGuido van Rossum <guido@python.org>1997-03-11 18:24:21 (GMT)
committerGuido van Rossum <guido@python.org>1997-03-11 18:24:21 (GMT)
commit80eb3c02027b435ef1f0eaaa1406b43dd6eebaeb (patch)
treee61c38aa2e204843aa6c54a83d385ab546677eaa
parentb5dc5e3d7ea44ee4d029d26c98bc99deeffee346 (diff)
Zap all env vars beginning with PYTHON to prevent an obvious form of attack.
-rw-r--r--Misc/setuid-prog.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/Misc/setuid-prog.c b/Misc/setuid-prog.c
index 6f25493..b49438a 100644
--- a/Misc/setuid-prog.c
+++ b/Misc/setuid-prog.c
@@ -105,6 +105,8 @@ clean_environ(void)
**p = 'X';
else if (strncmp(*p, "_RLD", 4) == 0)
**p = 'X';
+ else if (strncmp(*p, "PYTHON", 6) == 0)
+ **p = 'X';
else if (strncmp(*p, "IFS=", 4) == 0)
*p = def_IFS;
else if (strncmp(*p, "CDPATH=", 7) == 0)
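Review bot: The added `PYTHON` branch has no comment saying why it matches a bare prefix with no `=`, unlike the `IFS=` and `CDPATH=` tests below it, so a later reader could "tidy" it into an exact-name match and silently narrow the protection. I would add `/* PYTHON*: interpreter settings (e.g. PYTHONPATH) must never be inherited from the invoking user; prefix match on purpose */` above the new `else if`. Note also that overwriting the first byte leaves the entry in the environment under a mangled name rather than removing it, which is presumably fine for the interpreter but worth stating in the same comment. More generally, this extends a denylist, which only covers variables already known to matter; since clean_environ() begins and ends outside this hunk I cannot tell how complete the list is, but building a small fixed environment for the wrapped script would be the more robust design.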