Skip to content

GitLab

Commit b14f89e9 authored by Michael Klein's avatar Michael Klein
Browse files

drop privileges before reading environment

parent b10e54cd
Hide whitespace changes
Inline Side-by-side
EnvScreen.c
View file @ b14f89e9
...@@ -60,23 +60,20 @@ static inline void addLine(const char* line, Vector* lines, Panel* panel, const ...@@ -60,23 +60,20 @@ static inline void addLine(const char* line, Vector* lines, Panel* panel, const
static void EnvScreen_scan(EnvScreen* this, Vector* lines, IncSet* inc) { static void EnvScreen_scan(EnvScreen* this, Vector* lines, IncSet* inc) {
Panel* panel = this->display; Panel* panel = this->display;
int idx = MAX(Panel_getSelectedIndex(panel), 0); int idx = MAX(Panel_getSelectedIndex(panel), 0);
uid_t uid = getuid();
Panel_prune(panel); Panel_prune(panel);
if (uid == 0 || uid == this->process->st_uid) { uid_t euid = geteuid();
char *env = Platform_getProcessEnv(this->process->pid); seteuid(getuid());
if (env) { char *env = Platform_getProcessEnv(this->process->pid);
for (char *p = env; *p; p = strrchr(p, 0)+1) seteuid(euid);
addLine(p, lines, panel, IncSet_filter(inc)); if (env) {
free(env); for (char *p = env; *p; p = strrchr(p, 0)+1)
} addLine(p, lines, panel, IncSet_filter(inc));
else { free(env);
addLine("Could not read process environment.", lines, panel, IncSet_filter(inc));
}
} }
else { else {
addLine("Process belongs to different user.", lines, panel, IncSet_filter(inc)); addLine("Could not read process environment.", lines, panel, IncSet_filter(inc));
} }
Vector_insertionSort(lines); Vector_insertionSort(lines);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment