Name
getenv, secure_getenv — get an environment variable
Synopsis
#include <stdlib.h>
char
*getenv( |
const char *name); |
char
*secure_getenv( |
const char *name); |
![[Note]](../stylesheet/note.png) |
Note | ||
|---|---|---|---|
|
DESCRIPTION
The getenv() function
searches the environment list to find the environment
variable name, and
returns a pointer to the corresponding value string.
The GNU-specific secure_getenv() function is just like
getenv() except that it returns
NULL in cases where "secure execution" is required. Secure
execution is required if one of the following conditions was
true when the program run by the calling process was
loaded:
-
the process's effective user ID did not match its real user ID or the process's effective group ID did not match its real group ID (typically this is the result of executing a set-user-ID or set-group-ID program);
-
the effective capability bit was set on the executable file; or
-
the process has a nonempty permitted capability set.
Secure execution may also be required if triggered by some Linux security modules.
The secure_getenv() function
is intended for use in general-purpose libraries to avoid
vulnerabilities that could occur if set-user-ID or
set-group-ID programs accidentally trusted the
environment.
RETURN VALUE
The getenv() function
returns a pointer to the value in the environment, or NULL if
there is no match.
ATTRIBUTES
For an explanation of the terms used in this section, see attributes(7).
| Interface | Attribute | Value |
getenv(), secure_getenv() |
Thread safety | MT-Safe env |
CONFORMING TO
getenv(): POSIX.1-2001,
POSIX.1-2008, C89, C99, SVr4, 4.3BSD.
secure_getenv() is a GNU
extension.
NOTES
The strings in the environment list are of the form
name=value.
As typically implemented, getenv() returns a pointer to a string
within the environment list. The caller must take care not to
modify this string, since that would change the environment
of the process.
The implementation of getenv() is not required to be reentrant.
The string pointed to by the return value of getenv() may be statically allocated, and
can be modified by a subsequent call to getenv(), putenv(3), setenv(3), or unsetenv(3).
The "secure execution" mode of secure_getenv() is controlled by the
AT_SECURE flag contained in the
auxiliary vector passed from the kernel to user space.
COLOPHON
This page is part of release 5.11 of the Linux man-pages project. A
description of the project, information about reporting bugs,
and the latest version of this page, can be found at
https://www.kernel.org/doc/man−pages/.
|
Copyright 1993 David Metcalfe (davidprism.demon.co.uk) and Copyright (C) 2007, 2012 Michael Kerrisk <mtk.manpagesgmail.com> %%%LICENSE_START(VERBATIM) Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Since the Linux kernel and libraries are constantly changing, this manual page may be incorrect or out-of-date. The author(s) assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. The author(s) may not have taken the same level of care in the production of this manual, which is licensed free of charge, as they might when working professionally. Formatted or processed versions of this manual, if unaccompanied by the source, must acknowledge the copyright and authors of this work. %%%LICENSE_END References consulted: Linux libc source code Lewine's "POSIX Programmer's Guide" (O'Reilly & Associates, 1991) 386BSD man pages Modified Sat Jul 24 19:30:29 1993 by Rik Faith (faithcs.unc.edu) Modified Fri Feb 14 21:47:50 1997 by Andries Brouwer (aebcwi.nl) |