From f28e8bd300b32710c829316b4f620960154cf3e2 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 27 Dec 2003 16:07:20 +0000 Subject: [PATCH] Only use environment variables if uid and gid are the same as euid and egid. This is part of a large change submitted by Markus Friedl --- crypto/threads/mttest.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index d0e088218b..f6f3df4b6a 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -267,7 +267,8 @@ bad: goto end; } - if (cipher == NULL) cipher=getenv("SSL_CIPHER"); + if (cipher == NULL && OPENSSL_issetugid() == 0) + cipher=getenv("SSL_CIPHER"); SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); -- 2.40.0