udev does not pass PATH to the children

udev does not pass PATH to the children

[Denis Vlasenko]

[-- Attachment #1: Type: text/plain, Size: 799 bytes --]

Hi,

Basically subject says it all. Even if udevd is run with PATH set, it
clears it (and everything else) out of environment before it starts
children.

This means that child processes will have to set PATH themself if they
want to run some commands, or they can use absolute paths (/bin/mount
etc).

But the whole point of PATH in the first place is to remove the
hardcoding of paths from executables and scripts! Just "mount" should
suffice.

Clearing of the PATH doesn't make much sense from the security point
of view too: udev's PATH is ser by admin, and we assume admin knows
what he is doing.

Untested patch is attached. I think that strdup() can be removed
because IIRC libc does not free environment on clearenv. [yes,
amazingly, it just leaks it! Blame bad standards for it...].

--
vda

[-- Attachment #2: udev_PATH.diff --]
[-- Type: application/octet-stream, Size: 1327 bytes --]

--- udev-111.org/udevd.c	Thu May 10 12:42:56 2007
+++ udev-111/udevd.c	Fri May 18 13:00:37 2007
@@ -950,6 +950,8 @@
 	};
 	int rc = 1;
 	int maxfd;
+	/* strduping: it has to survive clearenv: */
+	const char *saved_PATH = strdup(getenv("PATH"));
 
 	logging_init("udevd");
 	udev_config_init();
@@ -1152,6 +1154,8 @@
 
 	/* clear environment for forked event processes */
 	clearenv();
+	if (saved_PATH)
+		setenv("PATH", saved_PATH, 1);
 
 	/* export log_priority , as called programs may want to follow that setting */
 	sprintf(udev_log, "UDEV_LOG=%i", udev_log_priority);
--- udev-111.org/udevstart.c	Thu May 10 12:42:56 2007
+++ udev-111/udevstart.c	Fri May 18 12:58:13 2007
@@ -38,6 +38,7 @@
 #include "udev_rules.h"
 #include "udev_selinux.h"
 
+static const char *saved_PATH;
 static const char *udev_run_str;
 static const char *udev_log_str;
 static struct udev_rules rules;
@@ -109,6 +110,8 @@
 
 	/* clear and set environment for next event */
 	clearenv();
+	if (saved_PATH)
+		setenv("PATH", saved_PATH, 1);
 	setenv("ACTION", "add", 1);
 	setenv("UDEV_START", "1", 1);
 	if (udev_log_str)
@@ -339,6 +342,7 @@
 	selinux_init();
 	dbg("version %s", UDEV_VERSION);
 
+	saved_PATH = strdup(getenv("PATH")); /* it has to survive clearenv */
 	udev_run_str = getenv("UDEV_RUN");
 	udev_log_str = getenv("UDEV_LOG");
 

[-- Attachment #3: Type: text/plain, Size: 286 bytes --]

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

[-- Attachment #4: Type: text/plain, Size: 226 bytes --]

_______________________________________________
Linux-hotplug-devel mailing list  http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel

Re: udev does not pass PATH to the children

[Marco d'Itri]

On May 18, Denis Vlasenko <vda.linux@googlemail.com> wrote:

> Basically subject says it all. Even if udevd is run with PATH set, it
> clears it (and everything else) out of environment before it starts
> children.
I consider this a feature.

> Clearing of the PATH doesn't make much sense from the security point
> of view too: udev's PATH is ser by admin, and we assume admin knows
> what he is doing.
No, but it helps consistency to know that the child processes of a
daemon will not be started with a random $PATH.

-- 
ciao,
Marco

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Linux-hotplug-devel mailing list  http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel