projects
/
lttng-tools.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix: setuid/setgid daemons should not get sensitive env. var./args
[lttng-tools.git]
/
src
/
bin
/
lttng
/
lttng.c
diff --git
a/src/bin/lttng/lttng.c
b/src/bin/lttng/lttng.c
index 154f6df6b5e31e16d54e275e183290dd61775b33..8e5bb0fd468cd52b670f8dfef3b62250b7ec5aed 100644
(file)
--- a/
src/bin/lttng/lttng.c
+++ b/
src/bin/lttng/lttng.c
@@
-30,6
+30,7
@@
#include <lttng/lttng.h>
#include <common/error.h>
#include <lttng/lttng.h>
#include <common/error.h>
+#include <common/compat/getenv.h>
#include "command.h"
#include "command.h"
@@
-445,6
+446,11
@@
static int parse_args(int argc, char **argv)
int opt, ret;
char *user;
int opt, ret;
char *user;
+ if (lttng_is_setuid_setgid()) {
+ ERR("'%s' is not allowed to be executed as a setuid/setgid binary for security reasons. Aborting.", argv[0]);
+ clean_exit(EXIT_FAILURE);
+ }
+
if (argc < 2) {
usage(stderr);
clean_exit(EXIT_FAILURE);
if (argc < 2) {
usage(stderr);
clean_exit(EXIT_FAILURE);
This page took
0.024574 seconds
and
4
git commands to generate.