Re: [PATCH] Prefer getenv("HOME") to find the UNIX home directory - Mailing list pgsql-hackers

From Anders Kaseorg
Subject Re: [PATCH] Prefer getenv("HOME") to find the UNIX home directory
Date
Msg-id 5d675cbe-7837-e9ae-961d-be7d03201f3b@mit.edu
In response to Re: [PATCH] Prefer getenv("HOME") to find the UNIX home directory  (Kyotaro Horiguchi <horikyota.ntt@gmail.com>)
Responses Re: [PATCH] Prefer getenv("HOME") to find the UNIX home directory
List pgsql-hackers
On 10/19/21 01:34, Kyotaro Horiguchi wrote:
> I tend to agree to this, but seeing ssh ignoring $HOME, I'm not sure
> it's safe that we follow the variable at least when accessing
> confidentiality(?) files.  Since I don't understand the exact
> reasoning for the ssh's behavior so it's just my humble opinion.

According to https://bugzilla.mindrot.org/show_bug.cgi?id=3048#c1, it 
used to be supported to install the ssh binary as setuid.  A 
setuid/setgid binary needs to treat all environment variables with 
suspicion: if it can be convinced to write a file to $HOME with root 
privileges, then a user who modifies $HOME before invoking the binary 
could cause it to write to a file that the user normally couldn’t.

There’s no such concern for a binary that isn’t setuid/setgid.  Anyone 
with the ability to modify $HOME can be assumed to already have full 
control of the user account.

Anders
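
The distinction drawn in this message, as an added example that is not part of the original email or of the PostgreSQL patch: a home-directory lookup that prefers $HOME in an ordinary process and ignores it when the binary runs setuid/setgid. The function names `running_privileged`, `choose_home` and `get_home_dir` are hypothetical, and using the real UID for the passwd lookup is an assumption of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: nonzero when real and effective IDs differ, i.e. the
 * binary is setuid/setgid and its environment came from the invoking user. */
int running_privileged(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Policy only: trust $HOME unless the process is privileged; an empty or
 * unset $HOME falls back to the passwd entry. */
const char *choose_home(int privileged, const char *env_home, const char *pw_home)
{
    if (!privileged && env_home != NULL && env_home[0] != '\0')
        return env_home;
    return pw_home;
}

/* Copies the chosen home directory into buf; returns 0 on success, -1 if no
 * directory is known or it does not fit. The passwd lookup uses the real UID
 * (an assumption of this example). */
int get_home_dir(char *buf, size_t buflen)
{
    struct passwd pwd, *res = NULL;
    char pwbuf[4096];
    const char *pw_home = NULL, *home;
    if (getpwuid_r(getuid(), &pwd, pwbuf, sizeof pwbuf, &res) == 0 && res != NULL)
        pw_home = res->pw_dir;
    home = choose_home(running_privileged(), getenv("HOME"), pw_home);
    if (home == NULL || strlen(home) >= buflen)
        return -1;
    memcpy(buf, home, strlen(home) + 1);
    return 0;
}

int main(void)
{
    char home[4096];
    if (get_home_dir(home, sizeof home) != 0)
        return 1;
    puts(home);
    return 0;
}
```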


