[Bug libmudflap/41433] security: mudflap accepts environment variables if setuid

krahmer at suse dot de Tue, 22 Sep 2009 04:33:48 -0700


------- Comment #1 from krahmer at suse dot de  2009-09-22 11:33 -------
Changing system() to execve() is not enough since ressources
like open files may also leak from a setuid binary.



-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41433

[Bug libmudflap/41433] security: mudflap accepts environment variables if setuid

Reply via email to