CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2015/04/11 10:03:21
Modified files:
lib/libssl/src/crypto/conf: conf_api.c conf_mod.c
lib/libssl/src/crypto/engine: eng_list.c
lib/libssl/src/crypto/x509: by_dir.c by_file.c x509_vfy.c
lib/libssl/src/doc/apps: config.pod
Log message:
Remove all getenv() calls, especially those wrapped by issetugid().
getenv()'s wrapped by issetugid() are safe, but issetugid() is correct
difficult to impliment on many operating systems. By accident, a grand
experiment was run over the last year, where issetugid() returned 1 (the
safe value) on a few operating systems. Noone noticed & complained that
certain environment variables were not working.......
ok doug beck jsing, discussion with others
