[{"id":1101,"web_url":"https://patchwork.libcamera.org/comment/1101/","msgid":"<20190322230336.GE4572@pendragon.ideasonboard.com>","date":"2019-03-22T23:03:36","subject":"Re: [libcamera-devel] [PATCH 4/4] libcamera: log: Fallback to\n\tgetenv on non-gnu systems","submitter":{"id":2,"url":"https://patchwork.libcamera.org/api/people/2/","name":"Laurent Pinchart","email":"laurent.pinchart@ideasonboard.com"},"content":"Hi Kieran,\n\nThank you for the patch.\n\nOn Fri, Mar 22, 2019 at 10:43:50AM +0000, Kieran Bingham wrote:\n> The secure_getenv() call is not provided by all toolchains. Support\n> compilation without this feature by falling back to the default getenv()\n> functionality.\n> \n> Signed-off-by: Kieran Bingham \n> ---\n> src/libcamera/log.cpp | 9 +++++++++\n> 1 file changed, 9 insertions(+)\n> \n> diff --git a/src/libcamera/log.cpp b/src/libcamera/log.cpp\n> index 7d930cd6b99e..a44bd941e615 100644\n> --- a/src/libcamera/log.cpp\n> +++ b/src/libcamera/log.cpp\n> @@ -49,6 +49,15 @@\n> \n> namespace libcamera {\n> \n> +\n> +/*\n> + * secure_getenv is a GNU-specific extension to the C-Library.\n> + * fall back to the default getenv when it is not available.\n> + */\n> +#ifndef HAVE_SECURE_GETENV\n\nWhere is HAVE_SECURE_GETENV defined ?\n\n> +#define secure_getenv getenv\n\nThis means that a setuid-root binary linked to libcamera could be used\nto overwrite any file on the system through the logging infrastructure.\nThere should be no setuid binaries linking to libcamera in the first\nplace, but I would still prefer avoiding this potential security issue.\n\n> +#endif\n> +\n> /**\n> * \\brief Message logger\n> *","headers":{"Return-Path":"","Received":["from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 1181A600F9\n\tfor ;\n\tSat, 23 Mar 2019 00:03:49 +0100 (CET)","from pendragon.ideasonboard.com\n\t(p5269001-ipngn11702marunouchi.tokyo.ocn.ne.jp [114.158.195.1])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 4D4E32DE;\n\tSat, 23 Mar 2019 00:03:46 +0100 (CET)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1553295828;\n\tbh=Ygi9CYrXoBUDeEVn+NqVCaRgAOI6KsN59Jdm66I/K2M=;\n\th=Date:From:To:Cc:Subject:References:In-Reply-To:From;\n\tb=oSlXIaDeaSkrDPag6jWlojE6peX5PWYOipyey5xRNevVy9JS4yfmyWy6SCpR395S4\n\t6bdYL/Js4jkydcAEoRvc3ylTZr2GabF4Rv4gmH69Um82N60VLDfc+D0Doczx6DPxIc\n\t5i/ebMcQaoOqrc/+K1efbbTszcBtpxnRjrprases=","Date":"Sat, 23 Mar 2019 01:03:36 +0200","From":"Laurent Pinchart ","To":"Kieran Bingham ","Cc":"LibCamera Devel ","Message-ID":"<20190322230336.GE4572@pendragon.ideasonboard.com>","References":"<20190322104350.31091-1-kieran.bingham@ideasonboard.com>\n\t<20190322104350.31091-5-kieran.bingham@ideasonboard.com>","MIME-Version":"1.0","Content-Type":"text/plain; charset=utf-8","Content-Disposition":"inline","In-Reply-To":"<20190322104350.31091-5-kieran.bingham@ideasonboard.com>","User-Agent":"Mutt/1.10.1 (2018-07-13)","Subject":"Re: [libcamera-devel] [PATCH 4/4] libcamera: log: Fallback to\n\tgetenv on non-gnu systems","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.23","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","X-List-Received-Date":"Fri, 22 Mar 2019 23:03:49 -0000"}},{"id":1122,"web_url":"https://patchwork.libcamera.org/comment/1122/","msgid":"<3982425c-9891-1198-5e36-9170d58d0b94@ideasonboard.com>","date":"2019-03-25T10:19:19","subject":"Re: [libcamera-devel] [PATCH 4/4] libcamera: log: Fallback to\n\tgetenv on non-gnu systems","submitter":{"id":4,"url":"https://patchwork.libcamera.org/api/people/4/","name":"Kieran Bingham","email":"kieran.bingham@ideasonboard.com"},"content":"Hi Laurent,\n\nOn 22/03/2019 23:03, Laurent Pinchart wrote:\n> Hi Kieran,\n> \n> Thank you for the patch.\n> \n> On Fri, Mar 22, 2019 at 10:43:50AM +0000, Kieran Bingham wrote:\n>> The secure_getenv() call is not provided by all toolchains. Support\n>> compilation without this feature by falling back to the default getenv()\n>> functionality.\n>>\n>> Signed-off-by: Kieran Bingham \n>> ---\n>> src/libcamera/log.cpp | 9 +++++++++\n>> 1 file changed, 9 insertions(+)\n>>\n>> diff --git a/src/libcamera/log.cpp b/src/libcamera/log.cpp\n>> index 7d930cd6b99e..a44bd941e615 100644\n>> --- a/src/libcamera/log.cpp\n>> +++ b/src/libcamera/log.cpp\n>> @@ -49,6 +49,15 @@\n>> \n>> namespace libcamera {\n>> \n>> +\n>> +/*\n>> + * secure_getenv is a GNU-specific extension to the C-Library.\n>> + * fall back to the default getenv when it is not available.\n>> + */\n>> +#ifndef HAVE_SECURE_GETENV\n> \n> Where is HAVE_SECURE_GETENV defined ?\n\nAh - I thought it was provided by glibc - but I think I was mistaken.\n\n\nWe'll have to do some checking in meson.build:\n\nif compiler.has_function('secure_getenv',\n prefix : '#include ')\n # - add -DHAVE_SECURE_GETENV to flags or such...\nendif\n\n\n>> +#define secure_getenv getenv\n> \n> This means that a setuid-root binary linked to libcamera could be used\n> to overwrite any file on the system through the logging infrastructure.\n> There should be no setuid binaries linking to libcamera in the first\n> place, but I would still prefer avoiding this potential security issue.\n\n\nSure, I get that it's useful - but it's not always available ...\n\n\n> https://www.gnu.org/software/libc/manual/html_node/Environment-Access.html:\n>\n> Function: char * secure_getenv (const char *name)\n> \n> Preliminary: | MT-Safe env | AS-Safe | AC-Safe | See POSIX Safety Concepts.\n> \n> This function is similar to getenv, but it returns a null pointer if the environment is untrusted. This happens when the program file has SUID or SGID bits set. General-purpose libraries should always prefer this function over getenv to avoid vulnerabilities if the library is referenced from a SUID/SGID program.\n> \n> This function is a GNU extension. \n\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ is the issue.\n\n\n\n>> +#endif\n>> +\n>> /**\n>> * \\brief Message logger\n>> *\n>","headers":{"Return-Path":"","Received":["from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[213.167.242.64])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 555286110A\n\tfor ;\n\tMon, 25 Mar 2019 11:19:22 +0100 (CET)","from [192.168.0.20]\n\t(cpc89242-aztw30-2-0-cust488.18-1.cable.virginm.net [86.31.129.233])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 972E12F3;\n\tMon, 25 Mar 2019 11:19:21 +0100 (CET)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1553509161;\n\tbh=Bm2+/MZkIB0EbjjyEFQJklWUivMgfFWz1NWaWqtg3BY=;\n\th=Reply-To:Subject:To:Cc:References:From:Date:In-Reply-To:From;\n\tb=iONK/MpwIDtKCWPZ7BSwAD1Zx4rCfLinmHsbYoa19cjH7QahdPf1kXBklUOHdl42r\n\tmbEPnvORZY24ZBGewwed0yFOFDinJKlQv3Qlrc1h2ROK1hwU3ev4qKrhT4F1C4SaQI\n\tAXg+mL/1kjD2Drd/6WWtGAc8lVIGqyvmBen0B9IU=","Reply-To":"kieran.bingham@ideasonboard.com","To":"Laurent Pinchart ","Cc":"LibCamera Devel ","References":"<20190322104350.31091-1-kieran.bingham@ideasonboard.com>\n\t<20190322104350.31091-5-kieran.bingham@ideasonboard.com>\n\t<20190322230336.GE4572@pendragon.ideasonboard.com>","From":"Kieran Bingham ","Openpgp":"preference=signencrypt","Autocrypt":"addr=kieran.bingham@ideasonboard.com; keydata=\n\tmQINBFYE/WYBEACs1PwjMD9rgCu1hlIiUA1AXR4rv2v+BCLUq//vrX5S5bjzxKAryRf0uHat\n\tV/zwz6hiDrZuHUACDB7X8OaQcwhLaVlq6byfoBr25+hbZG7G3+5EUl9cQ7dQEdvNj6V6y/SC\n\trRanWfelwQThCHckbobWiQJfK9n7rYNcPMq9B8e9F020LFH7Kj6YmO95ewJGgLm+idg1Kb3C\n\tpotzWkXc1xmPzcQ1fvQMOfMwdS+4SNw4rY9f07Xb2K99rjMwZVDgESKIzhsDB5GY465sCsiQ\n\tcSAZRxqE49RTBq2+EQsbrQpIc8XiffAB8qexh5/QPzCmR4kJgCGeHIXBtgRj+nIkCJPZvZtf\n\tKr2EAbc6tgg6DkAEHJb+1okosV09+0+TXywYvtEop/WUOWQ+zo+Y/OBd+8Ptgt1pDRyOBzL8\n\tRXa8ZqRf0Mwg75D+dKntZeJHzPRJyrlfQokngAAs4PaFt6UfS+ypMAF37T6CeDArQC41V3ko\n\tlPn1yMsVD0p+6i3DPvA/GPIksDC4owjnzVX9kM8Zc5Cx+XoAN0w5Eqo4t6qEVbuettxx55gq\n\t8K8FieAjgjMSxngo/HST8TpFeqI5nVeq0/lqtBRQKumuIqDg+Bkr4L1V/PSB6XgQcOdhtd36\n\tOe9X9dXB8YSNt7VjOcO7BTmFn/Z8r92mSAfHXpb07YJWJosQOQARAQABtDBLaWVyYW4gQmlu\n\tZ2hhbSA8a2llcmFuLmJpbmdoYW1AaWRlYXNvbmJvYXJkLmNvbT6JAkAEEwEKACoCGwMFCwkI\n\tBwIGFQgJCgsCBBYCAwECHgECF4ACGQEFAlnDk/gFCQeA/YsACgkQoR5GchCkYf3X5w/9EaZ7\n\tcnUcT6dxjxrcmmMnfFPoQA1iQXr/MXQJBjFWfxRUWYzjvUJb2D/FpA8FY7y+vksoJP7pWDL7\n\tQTbksdwzagUEk7CU45iLWL/CZ/knYhj1I/+5LSLFmvZ/5Gf5xn2ZCsmg7C0MdW/GbJ8IjWA8\n\t/LKJSEYH8tefoiG6+9xSNp1p0Gesu3vhje/GdGX4wDsfAxx1rIYDYVoX4bDM+uBUQh7sQox/\n\tR1bS0AaVJzPNcjeC14MS226mQRUaUPc9250aj44WmDfcg44/kMsoLFEmQo2II9aOlxUDJ+x1\n\txohGbh9mgBoVawMO3RMBihcEjo/8ytW6v7xSF+xP4Oc+HOn7qebAkxhSWcRxQVaQYw3S9iZz\n\t2iA09AXAkbvPKuMSXi4uau5daXStfBnmOfalG0j+9Y6hOFjz5j0XzaoF6Pln0jisDtWltYhP\n\tX9LjFVhhLkTzPZB/xOeWGmsG4gv2V2ExbU3uAmb7t1VSD9+IO3Km4FtnYOKBWlxwEd8qOFpS\n\tjEqMXURKOiJvnw3OXe9MqG19XdeENA1KyhK5rqjpwdvPGfSn2V+SlsdJA0DFsobUScD9qXQw\n\tOvhapHe3XboK2+Rd7L+g/9Ud7ZKLQHAsMBXOVJbufA1AT+IaOt0ugMcFkAR5UbBg5+dZUYJj\n\t1QbPQcGmM3wfvuaWV5+SlJ+WeKIb8ta5Ag0EVgT9ZgEQAM4o5G/kmruIQJ3K9SYzmPishRHV\n\tDcUcvoakyXSX2mIoccmo9BHtD9MxIt+QmxOpYFNFM7YofX4lG0ld8H7FqoNVLd/+a0yru5Cx\n\tadeZBe3qr1eLns10Q90LuMo7/6zJhCW2w+HE7xgmCHejAwuNe3+7yt4QmwlSGUqdxl8cgtS1\n\tPlEK93xXDsgsJj/bw1EfSVdAUqhx8UQ3aVFxNug5OpoX9FdWJLKROUrfNeBE16RLrNrq2ROc\n\tiSFETpVjyC/oZtzRFnwD9Or7EFMi76/xrWzk+/b15RJ9WrpXGMrttHUUcYZEOoiC2lEXMSAF\n\tSSSj4vHbKDJ0vKQdEFtdgB1roqzxdIOg4rlHz5qwOTynueiBpaZI3PHDudZSMR5Fk6QjFooE\n\tXTw3sSl/km/lvUFiv9CYyHOLdygWohvDuMkV/Jpdkfq8XwFSjOle+vT/4VqERnYFDIGBxaRx\n\tkoBLfNDiiuR3lD8tnJ4A1F88K6ojOUs+jndKsOaQpDZV6iNFv8IaNIklTPvPkZsmNDhJMRHH\n\tIu60S7BpzNeQeT4yyY4dX9lC2JL/LOEpw8DGf5BNOP1KgjCvyp1/KcFxDAo89IeqljaRsCdP\n\t7WCIECWYem6pLwaw6IAL7oX+tEqIMPph/G/jwZcdS6Hkyt/esHPuHNwX4guqTbVEuRqbDzDI\n\t2DJO5FbxABEBAAGJAiUEGAEKAA8CGwwFAlnDlGsFCQeA/gIACgkQoR5GchCkYf1yYRAAq+Yo\n\tnbf9DGdK1kTAm2RTFg+w9oOp2Xjqfhds2PAhFFvrHQg1XfQR/UF/SjeUmaOmLSczM0s6XMeO\n\tVcE77UFtJ/+hLo4PRFKm5X1Pcar6g5m4xGqa+Xfzi9tRkwC29KMCoQOag1BhHChgqYaUH3yo\n\tUzaPwT/fY75iVI+yD0ih/e6j8qYvP8pvGwMQfrmN9YB0zB39YzCSdaUaNrWGD3iCBxg6lwSO\n\tLKeRhxxfiXCIYEf3vwOsP3YMx2JkD5doseXmWBGW1U0T/oJF+DVfKB6mv5UfsTzpVhJRgee7\n\t4jkjqFq4qsUGxcvF2xtRkfHFpZDbRgRlVmiWkqDkT4qMA+4q1y/dWwshSKi/uwVZNycuLsz+\n\t+OD8xPNCsMTqeUkAKfbD8xW4LCay3r/dD2ckoxRxtMD9eOAyu5wYzo/ydIPTh1QEj9SYyvp8\n\tO0g6CpxEwyHUQtF5oh15O018z3ZLztFJKR3RD42VKVsrnNDKnoY0f4U0z7eJv2NeF8xHMuiU\n\tRCIzqxX1GVYaNkKTnb/Qja8hnYnkUzY1Lc+OtwiGmXTwYsPZjjAaDX35J/RSKAoy5wGo/YFA\n\tJxB1gWThL4kOTbsqqXj9GLcyOImkW0lJGGR3o/fV91Zh63S5TKnf2YGGGzxki+ADdxVQAm+Q\n\tsbsRB8KNNvVXBOVNwko86rQqF9drZuw=","Organization":"Ideas on Board","Message-ID":"<3982425c-9891-1198-5e36-9170d58d0b94@ideasonboard.com>","Date":"Mon, 25 Mar 2019 10:19:19 +0000","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101\n\tThunderbird/60.5.1","MIME-Version":"1.0","In-Reply-To":"<20190322230336.GE4572@pendragon.ideasonboard.com>","Content-Type":"text/plain; charset=utf-8","Content-Language":"en-GB","Content-Transfer-Encoding":"8bit","Subject":"Re: [libcamera-devel] [PATCH 4/4] libcamera: log: Fallback to\n\tgetenv on non-gnu systems","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.23","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","X-List-Received-Date":"Mon, 25 Mar 2019 10:19:22 -0000"}}]