Re: [Fwd: Re: Clearing environ]

Email List: Xaustin-group-lX

Re: [Fwd: Re: Clearing environ]

To:	ajosey@xxxxxxxxxxxxx, austin-group-l@xxxxxxxxxxxxx
Subject:	Re: [Fwd: Re: Clearing environ]
From:	Glenn Fowler <gsf@xxxxxxxxxxxxxxxx>
Date:	Fri, 1 Aug 2008 11:42:38 -0400
Organization:	AT&T Research
References:	<1217604384.26163.32.camel@xxxxxx>

interesting that clearenv() is labeled non-standard and
then used as part of a compliant solution

On Fri, 01 Aug 2008 16:26:24 +0100 Andrew Josey wrote:
> From: "Robert C. Seacord" <rcs:cert.org>

> We have a write-up and associated discussion on this topic in The CERT C 
> Secure Coding Standard:

> ENV03-C. Sanitize the environment when invoking external programs 
> 
><https://www.securecoding.cert.org/confluence/display/seccode/ENV03-C.+Sanitize+the+environment+when+invoking+external+programs>

[Search for more with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Fwd: Re: Clearing environ], Andrew Josey Re: [Fwd: Re: Clearing environ], Glenn Fowler <= Re: [Fwd: Re: Clearing environ], Geoff Clare Re: [Fwd: Re: Clearing environ], Glenn Fowler Re: [Fwd: Re: Clearing environ], Geoff Clare Re: [Fwd: Re: Clearing environ], Glenn Fowler Re: [Fwd: Re: Clearing environ], Robert C. Seacord wait() spec (SIGCHLD ignored), Michael Kerrisk Re: wait() spec (SIGCHLD ignored), Roland McGrath Re: wait() spec (SIGCHLD ignored), Michael Kerrisk Re: [Fwd: Re: Clearing environ], David-Sarah Hopwood

Previous by Date:	[Fwd: Re: Clearing environ], Andrew Josey
Next by Date:	Re: Clearing environ, Geoff Clare
Previous by Thread:	[Fwd: Re: Clearing environ], Andrew Josey
Next by Thread:	Re: [Fwd: Re: Clearing environ], Geoff Clare
Indexes:	[Date] [Thread] [All Lists]