luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-10 03:16:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
ca28a3fc29
glib/docs
History
Philip Withnall ba414ee100 giomodule: Ignore GIO_MODULE_DIR when running as setuid 
Even if the modules in the given directory never get chosen to be used,
loading arbitrary code from a user-provided directory is not safe when
running as setuid, as the process’ environment comes from an untrusted
source.

Also ignore `GIO_EXTRA_MODULES`.

Spotted by Simon McVittie.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2168
2021-01-07 15:02:24 +00:00
..
reference giomodule: Ignore GIO_MODULE_DIR when running as setuid 2021-01-07 15:02:24 +00:00
CODEOWNERS CODEOWNERS: Add myself as co-owner of Windows stuff 2019-08-27 12:57:32 +05:30
debugging.txt tree: Fix various typos and outdated terminology 2020-06-12 15:01:08 +01:00
macros.txt Meson: Add glib_checks and glib_asserts options 2020-04-09 09:17:35 -04:00