Skip to content

std::env uses getenv instead of secure_getenv #92558

New issue
New issue
Open
Open
std::env uses getenv instead of secure_getenv#92558
Labels
A-processArea: `std::process` and `std::env`A-securityArea: Security (example: address space layout randomization).C-bugCategory: This is a bug.T-libsRelevant to the library team, which will review and decide on the PR/issue.
@briansmith

Description

@briansmith
briansmith
opened on Jan 4, 2022

The glibc manual at https://www.gnu.org/software/libc/manual/html_node/Environment-Access.html#Environment-Access says:

Libraries should use secure_getenv instead of getenv, so that they do not accidentally use untrusted environment variables.

libstd is a library, and many (most?) Rust crates are libraries, so it seems like we either should follow glibc's advice and use secure_getenv, or we should document a clear rationale for going against its advice.

See

rust/library/std/src/sys/unix/os.rs

Line 533 in 1d71ba8

let s = libc::getenv(k.as_ptr()) as *const libc::c_char;

musl 1.1.24+ and glibc 2.17+ both support secure_getenv so I suggest we just assume any libc on Linux has it.

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-processArea: `std::process` and `std::env`A-securityArea: Security (example: address space layout randomization).C-bugCategory: This is a bug.T-libsRelevant to the library team, which will review and decide on the PR/issue.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions