Vulnerabilities caused by argv[0] mishandling in privileged code keep coming up, recently CVE-2021-4034 in polkit and CVE-2023-6246 in glibc. On the other hand, legitimate handling of argv[0] is mostly limited to logging and multiplexing different functionality depending on the basename of the link (an example for the latter is sudo/sudoedit). On NixOS, by far the most common source of untrusted argv[0] to privileged processes should be the wrapper, and it is not used for multiplexing (separate wrappers are used instead). So we always pass the path of the wrapped program as argv[0]. Obsolete mitigations for older argv[0]-based issues are deleted.
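The rule stated in the commit message above, as an added example (not the NixOS wrapper's own code): the wrapper builds the argument vector itself, puts the wrapped program's path in argv[0], and keeps only argv[1] onward from the caller, including when it is started with argc == 0. `WRAPPED_PROGRAM` and `build_wrapped_argv` are hypothetical names chosen for this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical target path; assumed to be fixed when the wrapper is built. */
#define WRAPPED_PROGRAM "/usr/bin/id"

/* Build the argument vector for the wrapped program. The caller-supplied
 * argv[0] is discarded and replaced with the trusted path; arguments from
 * argv[1] onward are kept. Handles argc == 0, where argv[0] is NULL.
 * Returns a calloc'd, NULL-terminated array, or NULL on allocation failure;
 * *out_argc receives the new argument count. */
char **build_wrapped_argv(const char *target, int argc, char **argv, int *out_argc)
{
    int extra = argc > 1 ? argc - 1 : 0;   /* caller arguments after argv[0] */
    char **new_argv = calloc((size_t)extra + 2, sizeof *new_argv);
    if (new_argv == NULL)
        return NULL;

    new_argv[0] = (char *)target;          /* trusted, never caller-controlled */
    for (int i = 0; i < extra; i++)
        new_argv[i + 1] = argv[i + 1];
    new_argv[extra + 1] = NULL;            /* execv needs a NULL terminator */

    *out_argc = extra + 1;
    return new_argv;
}

int main(int argc, char **argv)
{
    int new_argc;
    char **new_argv = build_wrapped_argv(WRAPPED_PROGRAM, argc, argv, &new_argc);
    if (new_argv == NULL) {
        perror("calloc");
        return 127;
    }
    execv(WRAPPED_PROGRAM, new_argv);
    perror("execv");                       /* only reached if execv failed */
    return 127;
}
```

The wrapped program then always sees argc >= 1 and an argv[0] that the invoking user did not choose.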