(scrub_env): change filtering algoritm from allowing everything except

a few bad cases to not allowing anything except a few non-dangerous
cases


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9304 ec53bebd-3082-4978-b11e-865c3cabbd6b

appl/telnet/telnetd/sys_term.c

@@ -1209,32 +1209,33 @@ init_env(void)
 /*
  * scrub_env()
  *
- * Remove variables from the environment that might cause login to
- * behave in a bad manner. To avoid this, login should be staticly
- * linked.
+ * We only accept the environment variables listed below.
+ */
  */
 
-static void scrub_env(void)
+static void
+scrub_env(void)
 {
-    static char *remove[] = {
-      "LD_", "_RLD_", "LIBPATH=",
-      "IFS=", "ENV=",
-      "LOCALDOMAIN=", "RES_OPTIONS=",
-      "TERMINFO=", "TERMINFO_DIRS=", "TERMPATH=", "TERMCAP=/",
-      NULL
+    static const char *accept[] = {
+	"XAUTH=", "XAUTHORITY=", "DISPLAY=",
+	"TERM=",
+	"EDITOR=",
+	"PAGER=",
+	"PRINTER=",
+	NULL
     };
 
-    char **cpp, **cpp2;
-    char **p;
+    const char **cpp, **cpp2;
+    const char **p;
   
     for (cpp2 = cpp = environ; *cpp; cpp++) {
-	for(p = remove; *p; p++)
+	for(p = accept; *p; p++)
 	    if(strncmp(*cpp, *p, strlen(*p)) == 0)
 		break;
-	if(*p == NULL)
+	if(*p != NULL)
 	    *cpp2++ = *cpp;
     }
-    *cpp2 = 0;
+    *cpp2 = NULL;
 }