diff options
| author | Chia-I Wu <[email protected]> | 2010-02-02 16:47:53 +0800 |
|---|---|---|
| committer | Chia-I Wu <[email protected]> | 2010-02-03 14:16:15 +0800 |
| commit | 6fd8b6a9e22f474117281b00d15c548c29b8197f (patch) | |
| tree | 87fe60361a6b5289b9a2fdf7f91f3a4250a1d4af | |
| parent | 5d8646c41ff3022692fa9d7f5f1644a2a60641e4 (diff) | |
egl: Ignore certain environment variables when setuid/setgid.
Specifically, ignore EGL_DRIVERS_PATH when an application is
setuid/setgid. And ignore EGL_DRIVER when there is a slash in it.
| -rw-r--r-- | docs/egl.html | 5 | ||||
| -rw-r--r-- | src/egl/main/egldriver.c | 18 |
2 files changed, 19 insertions, 4 deletions
diff --git a/docs/egl.html b/docs/egl.html index 8a2ea7c0442..30cbe0eaedd 100644 --- a/docs/egl.html +++ b/docs/egl.html @@ -131,7 +131,8 @@ runtime</p> <p>By default, the main library will look for drivers in the directory where the drivers are installed to. This variable specifies a list of colon-separated directories where the main library will look for drivers, in -addition to the default directory.</p> +addition to the default directory. This variable is ignored for setuid/setgid +binaries.</p> </li> @@ -139,7 +140,7 @@ addition to the default directory.</p> <p>This variable specifies a full path to an EGL driver and it forces the specified EGL driver to be loaded. It comes in handy when one wants to test a -specific driver.</p> +specific driver. This variable is ignored for setuid/setgid binaries.</p> </li> diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c index 139f8396853..0ccdea76c9b 100644 --- a/src/egl/main/egldriver.c +++ b/src/egl/main/egldriver.c @@ -415,6 +415,14 @@ _eglGetSearchPath(void) int ret; p = getenv("EGL_DRIVERS_PATH"); +#if defined(_EGL_PLATFORM_POSIX) + if (p && (geteuid() != getuid() || getegid() != getgid())) { + _eglLog(_EGL_DEBUG, + "ignore EGL_DRIVERS_PATH for setuid/setgid binaries"); + p = NULL; + } +#endif /* _EGL_PLATFORM_POSIX */ + if (p) { ret = snprintf(buffer, sizeof(buffer), "%s:%s", p, _EGL_DRIVER_SEARCH_DIR); @@ -446,9 +454,15 @@ _eglPreloadUserDriver(void) env = getenv("EGL_DRIVER"); #if defined(_EGL_PLATFORM_POSIX) - if (env && strchr(env, '/')) + if (env && strchr(env, '/')) { search_path = ""; -#endif + if ((geteuid() != getuid() || getegid() != getgid())) { + _eglLog(_EGL_DEBUG, + "ignore EGL_DRIVER for setuid/setgid binaries"); + env = NULL; + } + } +#endif /* _EGL_PLATFORM_POSIX */ if (!env) return EGL_FALSE; |