From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Thu, 10 Feb 1994 19:30:00 +0000 (+0000)
Subject: added SECURE_PATH
X-Git-Tag: SUDO_1_3_1~333
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=de6ad83aeb2d6a274c72ea5287eac29fe9368b6a;p=sudo

added SECURE_PATH
---

diff --git a/sudo.c b/sudo.c
index ff727cc24..8232986ef 100644
--- a/sudo.c
+++ b/sudo.c
@@ -288,16 +288,21 @@ void clean_envp(envp)
      */
     for (tenvp = Envp; *envp; envp++)
 #ifdef hpux
-	if (strncmp("LD_", *envp, 3) && strncmp("SHLIB_PATH", *envp, 10))
+	if (strncmp("LD_", *envp, 3) && strncmp("SHLIB_PATH", *envp, 10)) {
 #else
 #ifdef __alpha
-	if (strncmp("LD_", *envp, 3) && strncmp("_RLD_", *envp, 5))
+	if (strncmp("LD_", *envp, 3) && strncmp("_RLD_", *envp, 5)) {
 #else
-	if (strncmp("LD_", *envp, 3))
+	if (strncmp("LD_", *envp, 3)) {
 #endif /* __alpha */
 #endif /* hpux */
-	    *tenvp++ = *envp;
-
+#ifdef SECURE_PATH
+	    if (!strncmp("PATH=", *envp, 5))
+		*tenvp++ = "PATH=" SECURE_PATH;
+	    else
+#endif /* SECURE_PATH */
+		*tenvp++ = *envp;
+	}
     *tenvp = NULL;
 }
 
diff --git a/sudo.h b/sudo.h
index e90a80ff2..a38f2056e 100644
--- a/sudo.h
+++ b/sudo.h
@@ -166,6 +166,8 @@
 
 #define MAXCOMMANDLENGTH         MAXPATHLEN
 
+/*#define SECURE_PATH		"/bin:/usr/ucb/:/usr/bin:/usr/etc:/etc" /**/
+
 typedef union {
     int int_val;
     char char_val[MAXCOMMANDLENGTH];