paths permitted in environment variables
The file /etc/default/envpaths contains a list of environment
variables and paths that these variables are permitted to contain
when a utility that uses these variables is invoked by a privileged process.
Applications or shell scripts that obtain privilege (such as setuid-on-exec
and setgid-on-exec scripts) and that use their own message catalogs
may fail because of the method the kernel uses to evaluate environment
variables containing pathnames:
The values of pathname-producing environment variables are
checked by the kernel according to a set of internal rules.
The locale-related environment variables (such as NLSPATH), LANG,
and the LC_* variables (LC_ALL, LC_MESSAGES, etc.) are treated specially.
If the contents of these variables contain no slashes,
the contents are used as specified.
In general for locale files, including
message catalogs used by for privileged processes, the file must have
at least 004 read permission (S_IROTH).
The same is true for
and the DATEMSK variable.
For LC_MESSAGES, a more restrictive rule is used: it doesn't matter
whether the file is readable; if LC_MESSAGES contains a slash,
the pathname is rejected.
Next, the pathname generated is checked against the contents of the
/etc/default/envpaths file, if one exists.
If an entry in this file permits use of the portion of the file system
tree used by the pathname, it is permitted.
The /etc/default/envpaths file has lines of the form
Each such line is interpreted to mean that for environment variable
VARNAME, any pathname used in an environment variable that
begins with /some/path/name is permitted.
If no matching entry is found, the pathname is rejected.
If there is no /etc/default/envpaths file, the following
default lines are assumed:
If a pathname in an environment variable of a privileged process
fails either of the above tests, the process is not permitted to
use the pathname.
For example, if you have your own setuid-on-exec program
that has its own message catalogs that are not found by the default
built-in NLSPATH string and do not have at least 004 read permission,
you'll need to make them readable and add an entry to
/etc/default/envpaths pointing to the location of the
The built-in NLSPATH string is:
If /etc/default/envpaths does not exist and you create it, be sure to
include the default four lines shown above as otherwise many TZ and
NLSPATH choices will be rejected.
for LANG, LC_MESSAGES and NLSPATH
for LANG and LC_MESSAGES
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004