X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/0ecceb5bb9cc8727c117195945b7116aceb984fe..e07f3d5a9ed2870a0e2909cc1e5e55e826086c53:/apt-pkg/contrib/fileutl.cc

diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 6c43bed90..affab956c 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -2778,9 +2778,9 @@ std::vector<std::string> Glob(std::string const &pattern, int flags)
    return result;
 }
 									/*}}}*/
-std::string GetTempDir()						/*{{{*/
+static std::string APT_NONNULL(1) GetTempDirEnv(char const * const env)	/*{{{*/
 {
-   const char *tmpdir = getenv("TMPDIR");
+   const char *tmpdir = getenv(env);
 
 #ifdef P_tmpdir
    if (!tmpdir)
@@ -2796,6 +2796,11 @@ std::string GetTempDir()						/*{{{*/
       tmpdir = "/tmp";
 
    return string(tmpdir);
+}
+									/*}}}*/
+std::string GetTempDir()						/*{{{*/
+{
+   return GetTempDirEnv("TMPDIR");
 }
 std::string GetTempDir(std::string const &User)
 {
@@ -3051,6 +3056,32 @@ bool DropPrivileges()							/*{{{*/
 	 return _error->Error("Could restore a uid to root, privilege dropping did not work");
    }
 
+   if (_config->FindB("APT::Sandbox::ResetEnvironment", true))
+   {
+      setenv("HOME", pw->pw_dir, 1);
+      setenv("USER", pw->pw_name, 1);
+      setenv("USERNAME", pw->pw_name, 1);
+      setenv("LOGNAME", pw->pw_name, 1);
+      auto const shell = flNotDir(pw->pw_shell);
+      if (shell == "false" || shell == "nologin")
+	 setenv("SHELL", "/bin/sh", 1);
+      else
+	 setenv("SHELL", pw->pw_shell, 1);
+      auto const apt_setenv_tmp = [](char const * const env) {
+	 auto const tmpdir = getenv(env);
+	 if (tmpdir != nullptr)
+	 {
+	    auto const ourtmpdir = GetTempDirEnv(env);
+	    if (ourtmpdir != tmpdir)
+	       setenv(env, ourtmpdir.c_str(), 1);
+	 }
+      };
+      apt_setenv_tmp("TMPDIR");
+      apt_setenv_tmp("TEMPDIR");
+      apt_setenv_tmp("TMP");
+      apt_setenv_tmp("TEMP");
+   }
+
    return true;
 }
 									/*}}}*/