Subject: CVS commit: basesrc
To: None <source-changes@netbsd.org>
From: Takuya SHIOZAKI <tshiozak@netbsd.org>
List: source-changes
Date: 09/08/2000 23:56:37
Module Name: basesrc
Committed By: tshiozak
Date: Fri Sep 8 20:56:37 UTC 2000
Modified Files:
basesrc/lib/libc/locale: setlocale.c
basesrc/lib/libc/nls: catopen.c
Log Message:
Disallow '/' character in LC_* and LANG environment variable, and
prevent to look up PATH_LOCALE and NLSPATH on setuid/setgid executable.
This is important to prevent to cause some kind of security hole.
To generate a diff of this commit:
cvs rdiff -r1.19 -r1.20 basesrc/lib/libc/locale/setlocale.c
cvs rdiff -r1.16 -r1.17 basesrc/lib/libc/nls/catopen.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.