diff options
author | Bastien Roucariès <rouca@debian.org> | 2021-01-29 23:29:40 +0000 |
---|---|---|
committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-01-30 08:55:07 +0100 |
commit | 37147e18b6cb697e3f52de8d561afe6bca8ecd08 (patch) | |
tree | fdf039113755de4208647bce86364f94078f2932 | |
parent | b6cb76fb6abfb9569d458d3faae039b1aa398ee5 (diff) | |
download | man-pages-37147e18b6cb697e3f52de8d561afe6bca8ecd08.tar.gz |
environ.7: Document that HOME, LOGNAME, SHELL, USER are set at login time
Clearly document that HOME, LOGNAME, SHELL and USER are set at
login time by a program like such as login(1).
Document also that using su could result in a mixed environment,
and point to the su(1) manual page.
[mtk: edited commit message]
Signed-off-by: Bastien Roucariès <rouca@debian.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
-rw-r--r-- | man7/environ.7 | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/man7/environ.7 b/man7/environ.7 index 39959f1f78..2a8a045c02 100644 --- a/man7/environ.7 +++ b/man7/environ.7 @@ -65,15 +65,15 @@ Common examples are: .TP .B USER The name of the logged-in user (used by some BSD-derived programs). +Set at login time, see section NOTES below. .TP .B LOGNAME The name of the logged-in user (used by some System-V derived programs). +Set at login time, see section NOTES below. .TP .B HOME -A user's login directory, set by -.BR login (1) -from the password file -.BR passwd (5). +A user's login directory, set a login time. +Set at login time, see section NOTES below. .TP .B LANG The name of a locale to use for locale categories when not overridden @@ -131,6 +131,7 @@ Set by some shells. .TP .B SHELL The absolute pathname of the user's login shell. +Set at login time, see section NOTES below. .TP .B TERM The terminal type for which output is to be prepared. @@ -277,6 +278,30 @@ The and .B PR_SET_MM_ENV_END operations can be used to control the location of the process's environment. +.PP +The +.B HOME, +.B LOGNAME, +.B SHELL +and +.B USER +variables are only set when an user is changing using +session management interface, typically by program +.B login(1) +from user database (for instance, but not limited, by using +.B password (5) +database). +Particularly, +.BR setuid (2) +family of function +does not set theses variables. Notes that as documented, +going to root by +.BR su (8) +may result in a mixed environment where +.B LOGNAME +and +.B USER +are retained from old user. .SH BUGS Clearly there is a security risk here. Many a system command has been @@ -322,6 +347,7 @@ should consider renaming their option to .BR login (1), .BR printenv (1), .BR sh (1), +.BR su (1), .BR tcsh (1), .BR execve (2), .BR clearenv (3), |