Open
Description
The glibc manual at https://www.gnu.org/software/libc/manual/html_node/Environment-Access.html#Environment-Access says:
Libraries should use secure_getenv instead of getenv, so that they do not accidentally use untrusted environment variables.
libstd is a library, and many (most?) Rust crates are libraries, so it seems like we either should follow glibc's advice and use secure_getenv, or we should document a clear rationale for going against its advice.
See
rust/library/std/src/sys/unix/os.rs
Line 533 in 1d71ba8
musl 1.1.24+ and glibc 2.17+ both support secure_getenv so I suggest we just assume any libc on Linux has it.
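What a library-side lookup through secure_getenv could look like, as an added example that is not part of the original issue and is not code from std. The names `secure_var_os` and `in_secure_execution` are hypothetical, and the extern declarations assume a Linux libc that exports `secure_getenv` and `getauxval`.

```rust
use std::ffi::{CStr, CString, OsString};
use std::os::raw::{c_char, c_ulong};
use std::os::unix::ffi::OsStringExt;

extern "C" {
    // Like getenv, but returns NULL when the process runs in secure-execution mode.
    fn secure_getenv(name: *const c_char) -> *mut c_char;
    // Reads an entry from the auxiliary vector the kernel handed to the process.
    fn getauxval(kind: c_ulong) -> c_ulong;
}

// Value of AT_SECURE in <elf.h>.
const AT_SECURE: c_ulong = 23;

/// True when the kernel marked this process as secure-execution
/// (for example a set-user-ID or set-group-ID binary).
pub fn in_secure_execution() -> bool {
    unsafe { getauxval(AT_SECURE) != 0 }
}

/// Hypothetical library helper: an environment lookup that refuses to
/// return caller-controlled values in secure-execution mode.
pub fn secure_var_os(name: &str) -> Option<OsString> {
    // A name with an interior NUL cannot be passed to libc; treat it as unset.
    let c_name = CString::new(name).ok()?;
    // The returned pointer aliases the live environment block, so copy it
    // out immediately. std serialises its own environment access with a
    // lock; this direct call does not.
    let ptr = unsafe { secure_getenv(c_name.as_ptr()) };
    if ptr.is_null() {
        return None;
    }
    let bytes = unsafe { CStr::from_ptr(ptr) }.to_bytes().to_vec();
    Some(OsString::from_vec(bytes))
}

fn main() {
    // PATH is only a convenient variable to compare the two lookups on.
    println!("secure execution : {}", in_secure_execution());
    println!("std::env::var_os : {:?}", std::env::var_os("PATH"));
    println!("secure_var_os    : {:?}", secure_var_os("PATH"));
}
```

In an ordinary process both lookups print the same value; in a secure-execution process `secure_var_os` returns `None` while `std::env::var_os` still returns whatever the invoking user put in the environment.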
Activity
est31 commented on Jan 4, 2022
The difference is explained in the linked doc:
I think that concern is legitimate.
std::env (for SSLKEYLOGFILE) rustls/rustls#899
Auto merge of #3304 - CuriouslyCurious:secure_getenv_linux, r=JohnTitor