(root)/
gettext-0.22.4/
gettext-tools/
gnulib-lib/
secure_getenv.c
       1  /* Look up an environment variable, returning NULL in insecure situations.
       2  
       3     Copyright 2013-2023 Free Software Foundation, Inc.
       4  
       5     This file is free software: you can redistribute it and/or modify
       6     it under the terms of the GNU Lesser General Public License as
       7     published by the Free Software Foundation; either version 2.1 of the
       8     License, or (at your option) any later version.
       9  
      10     This file is distributed in the hope that it will be useful,
      11     but WITHOUT ANY WARRANTY; without even the implied warranty of
      12     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      13     GNU Lesser General Public License for more details.
      14  
      15     You should have received a copy of the GNU Lesser General Public License
      16     along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
      17  
      18  #include <config.h>
      19  
      20  #include <stdlib.h>
      21  
      22  #if !HAVE___SECURE_GETENV
      23  # if HAVE_ISSETUGID || (HAVE_GETUID && HAVE_GETEUID && HAVE_GETGID && HAVE_GETEGID)
      24  #  include <unistd.h>
      25  # endif
      26  #endif
      27  
      28  char *
      29  secure_getenv (char const *name)
      30  {
      31  #if HAVE___SECURE_GETENV /* glibc */
      32    return __secure_getenv (name);
      33  #elif HAVE_ISSETUGID /* musl, OS X, FreeBSD, NetBSD, OpenBSD, Solaris, Minix */
      34    if (issetugid ())
      35      return NULL;
      36    return getenv (name);
      37  #elif HAVE_GETUID && HAVE_GETEUID && HAVE_GETGID && HAVE_GETEGID /* other Unix */
      38    if (geteuid () != getuid () || getegid () != getgid ())
      39      return NULL;
      40    return getenv (name);
      41  #elif defined _WIN32 && ! defined __CYGWIN__ /* native Windows */
      42    /* On native Windows, there is no such concept as setuid or setgid binaries.
      43       - Programs launched as system services have high privileges, but they don't
      44         inherit environment variables from a user.
      45       - Programs launched by a user with "Run as Administrator" have high
      46         privileges and use the environment variables, but the user has been asked
      47         whether he agrees.
      48       - Programs launched by a user without "Run as Administrator" cannot gain
      49         high privileges, therefore there is no risk. */
      50    return getenv (name);
      51  #else
      52    return NULL;
      53  #endif
      54  }