diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-08-26 00:17:29 +0000 |
| commit | 1ac73728e4fb9188de899a35eb12fe3adad86b1d (patch) | |
| tree | 214153b9363774b96c668b1dc2cfb1b9c7307b3b /lib/libedit/el.c | |
| parent | 05a1c82cea94423f31eeffcde116ad3b225de98e (diff) | |
use issetugid() to protect against bad getenv
Diffstat (limited to 'lib/libedit/el.c')
| -rw-r--r-- | lib/libedit/el.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libedit/el.c b/lib/libedit/el.c index 7314477a69a..6a71eb82b05 100644 --- a/lib/libedit/el.c +++ b/lib/libedit/el.c @@ -77,7 +77,7 @@ el_init(prog, fin, fout) el->el_prog = strdup(prog); #ifdef DEBUG - if ((tty = getenv("DEBUGTTY")) != NULL) { + if (issetugid() == 0 && (tty = getenv("DEBUGTTY")) != NULL) { el->el_errfile = fopen(tty, "w"); if (el->el_errfile == NULL) { extern errno; @@ -291,7 +291,7 @@ el_source(el, fname) if (fname == NULL) { fname = &elpath[1]; if ((fp = fopen(fname, "r")) == NULL) { - if ((ptr = getenv("HOME")) == NULL) + if (issetugid() != 0 || (ptr = getenv("HOME")) == NULL) return -1; fname = strncpy(path, ptr, MAXPATHLEN); (void) strncat(path, elpath, MAXPATHLEN); |