From 10c21250402aa8127a6700bc0330f47c7439f5bb Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Fri, 2 Dec 2016 08:47:03 -0500 Subject: Unset LD_PRELOAD on startup (before dropping root) LD_PRELOAD enables keyloggers to easily be made. This solution isn't perfect - really a secure system wouldn't have LD_PRELOAD at all. It was a stupid idea in the first place. --- sway/main.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sway/main.c') diff --git a/sway/main.c b/sway/main.c index d396089c..1db88da2 100644 --- a/sway/main.c +++ b/sway/main.c @@ -220,6 +220,8 @@ int main(int argc, char **argv) { " --get-socketpath Gets the IPC socket path and prints it, then exits.\n" "\n"; + unsetenv("LD_PRELOAD"); // Security + int c; while (1) { int option_index = 0; -- cgit v1.2.3