[Bug libmudflap/41433] security: mudflap accepts environment variables if setuid

2009-09-22 Thread krahmer at suse dot de
--- Comment #1 from krahmer at suse dot de 2009-09-22 11:33 --- Changing system() to execve() is not enough since ressources like open files may also leak from a setuid binary. -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41433

[Bug libmudflap/41433] New: security: mudflap acepts environment variables if setuid

2009-09-22 Thread krahmer at suse dot de
IRMED Severity: major Priority: P3 Component: libmudflap AssignedTo: unassigned at gcc dot gnu dot org ReportedBy: krahmer at suse dot de http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41433