mirror of https://github.com/mkerrisk/man-pages
environ.7: Document that HOME, LOGNAME, SHELL, USER are set at login time
Clearly document that HOME, LOGNAME, SHELL and USER are set at login time by a program like such as login(1). Document also that using su could result in a mixed environment, and point to the su(1) manual page. [mtk: edited commit message] Signed-off-by: Bastien Roucariès <rouca@debian.org> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Bastien Roucariès
Michael Kerrisk
parent
b6cb76fb6a
commit
37147e18b6
|
|
@ -65,15 +65,15 @@ Common examples are:
|
|||
.TP
|
||||
.B USER
|
||||
The name of the logged-in user (used by some BSD-derived programs).
|
||||
Set at login time, see section NOTES below.
|
||||
.TP
|
||||
.B LOGNAME
|
||||
The name of the logged-in user (used by some System-V derived programs).
|
||||
Set at login time, see section NOTES below.
|
||||
.TP
|
||||
.B HOME
|
||||
A user's login directory, set by
|
||||
.BR login (1)
|
||||
from the password file
|
||||
.BR passwd (5).
|
||||
A user's login directory, set a login time.
|
||||
Set at login time, see section NOTES below.
|
||||
.TP
|
||||
.B LANG
|
||||
The name of a locale to use for locale categories when not overridden
|
||||
|
|
@ -131,6 +131,7 @@ Set by some shells.
|
|||
.TP
|
||||
.B SHELL
|
||||
The absolute pathname of the user's login shell.
|
||||
Set at login time, see section NOTES below.
|
||||
.TP
|
||||
.B TERM
|
||||
The terminal type for which output is to be prepared.
|
||||
|
|
@ -277,6 +278,30 @@ The
|
|||
and
|
||||
.B PR_SET_MM_ENV_END
|
||||
operations can be used to control the location of the process's environment.
|
||||
.PP
|
||||
The
|
||||
.B HOME,
|
||||
.B LOGNAME,
|
||||
.B SHELL
|
||||
and
|
||||
.B USER
|
||||
variables are only set when an user is changing using
|
||||
session management interface, typically by program
|
||||
.B login(1)
|
||||
from user database (for instance, but not limited, by using
|
||||
.B password (5)
|
||||
database).
|
||||
Particularly,
|
||||
.BR setuid (2)
|
||||
family of function
|
||||
does not set theses variables. Notes that as documented,
|
||||
going to root by
|
||||
.BR su (8)
|
||||
may result in a mixed environment where
|
||||
.B LOGNAME
|
||||
and
|
||||
.B USER
|
||||
are retained from old user.
|
||||
.SH BUGS
|
||||
Clearly there is a security risk here.
|
||||
Many a system command has been
|
||||
|
|
@ -322,6 +347,7 @@ should consider renaming their option to
|
|||
.BR login (1),
|
||||
.BR printenv (1),
|
||||
.BR sh (1),
|
||||
.BR su (1),
|
||||
.BR tcsh (1),
|
||||
.BR execve (2),
|
||||
.BR clearenv (3),
|
||||
|
|
|
|||
Loading…
Reference in New Issue