19 lines
516 B
C
19 lines
516 B
C
Index: lib/common.c
|
|
diff -u lib/common.c.orig lib/common.c
|
|
--- lib/common.c.orig Mon Nov 15 18:23:04 2004
|
|
+++ lib/common.c Mon Nov 15 18:24:43 2004
|
|
@@ -684,7 +684,13 @@
|
|
|
|
if (! path_dest)
|
|
return SASL_BADPARAM;
|
|
- path = getenv(SASL_PATH_ENV_VAR);
|
|
+
|
|
+ path = NULL;
|
|
+
|
|
+ /* Honor external variable only in a safe environment */
|
|
+ if (getuid() == geteuid() && getgid() == getegid())
|
|
+ path = getenv(SASL_PATH_ENV_VAR);
|
|
+
|
|
if (! path)
|
|
path = PLUGINDIR;
|
|
return _sasl_strdup(path, path_dest, NULL);
|