From 6fd8b6a9e22f474117281b00d15c548c29b8197f Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olvaffe@gmail.com>
Date: Tue, 2 Feb 2010 16:47:53 +0800
Subject: egl: Ignore certain environment variables when setuid/setgid.

Specifically, ignore EGL_DRIVERS_PATH when an application is
setuid/setgid.  And ignore EGL_DRIVER when there is a slash in it.
---
 src/egl/main/egldriver.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

(limited to 'src/egl/main/egldriver.c')

diff --git a/src/egl/main/egldriver.c b/src/egl/main/egldriver.c
index 139f839685..0ccdea76c9 100644
--- a/src/egl/main/egldriver.c
+++ b/src/egl/main/egldriver.c
@@ -415,6 +415,14 @@ _eglGetSearchPath(void)
       int ret;
 
       p = getenv("EGL_DRIVERS_PATH");
+#if defined(_EGL_PLATFORM_POSIX)
+      if (p && (geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVERS_PATH for setuid/setgid binaries");
+         p = NULL;
+      }
+#endif /* _EGL_PLATFORM_POSIX */
+
       if (p) {
          ret = snprintf(buffer, sizeof(buffer),
                "%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
@@ -446,9 +454,15 @@ _eglPreloadUserDriver(void)
 
    env = getenv("EGL_DRIVER");
 #if defined(_EGL_PLATFORM_POSIX)
-   if (env && strchr(env, '/'))
+   if (env && strchr(env, '/')) {
       search_path = "";
-#endif
+      if ((geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVER for setuid/setgid binaries");
+         env = NULL;
+      }
+   }
+#endif /* _EGL_PLATFORM_POSIX */
    if (!env)
       return EGL_FALSE;
 
-- 
cgit v1.2.3