]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fcf93c3) | patch
util: get rid of virGetEnv{Allow,Block}SUID functions
authorDaniel P. Berrangé <berrange@redhat.com>
Thu, 1 Aug 2019 12:35:56 +0000 (13:35 +0100)
committerDaniel P. Berrangé <berrange@redhat.com>
Wed, 7 Aug 2019 15:54:02 +0000 (16:54 +0100)
commit2b0d597670fb5504b7ad1411c31b8af1d3016c1b
tree0829491aea08d79b7187abc7667a6f53e2544676tree
parentfcf93c3ee0ed24d282da37713f4e8be0ce79a7c7commit | diff
util: get rid of virGetEnv{Allow,Block}SUID functions

Now that 100% of libvirt code is forbidden in a SUID environment,
we no longer need to worry about whether env variables are
trustworthy or not. The virt-login-shell setuid program, which
does not link to any libvirt code, will purge all environment
variables, except $TERM, before invoking the virt-login-shell-helper
program which uses libvirt.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
22 files changed:
cfg.mk diff | blob | blame | history
src/libvirt-admin.c diff | blob | blame | history
src/libvirt.c diff | blob | blame | history
src/libvirt_private.syms diff | blob | blame | history
src/network/leaseshelper.c diff | blob | blame | history
src/qemu/qemu_firmware.c diff | blob | blame | history
src/remote/remote_driver.c diff | blob | blame | history
src/rpc/virnetlibsshsession.c diff | blob | blame | history
src/rpc/virnettlscontext.c diff | blob | blame | history
src/util/virauth.c diff | blob | blame | history
src/util/vircommand.c diff | blob | blame | history
src/util/virfile.c diff | blob | blame | history
src/util/virlease.c diff | blob | blame | history
src/util/virlog.c diff | blob | blame | history
src/util/virsystemd.c diff | blob | blame | history
src/util/virutil.c diff | blob | blame | history
src/util/virutil.h diff | blob | blame | history
src/vbox/vbox_XPCOMCGlue.c diff | blob | blame | history
src/vbox/vbox_common.c diff | blob | blame | history
tools/virsh.c diff | blob | blame | history
tools/virt-login-shell-helper.c diff | blob | blame | history
tools/vsh.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.