add secure_getenv() function

3 files changed, 10 insertions, 4 deletions

diff --git a/include/stdlib.h b/include/stdlib.h
index a108c84a9..cbc0473f4 100644
--- a/include/stdlib.h
+++ b/include/stdlib.h
@@ -575,12 +575,10 @@ extern char *getenv (const char *__name) __THROW __nonnull ((1)) __wur;
 libc_hidden_proto(getenv)
 __END_NAMESPACE_STD
 
-#if 0
 /* This function is similar to the above but returns NULL if the
    programs is running with SUID or SGID enabled.  */
-extern char *__secure_getenv (const char *__name)
+extern char *secure_getenv (const char *__name)
      __THROW __nonnull ((1)) __wur;
-#endif
 
 #if defined __USE_SVID || defined __USE_XOPEN
 /* The SVID says this is in <stdio.h>, but this seems a better place.	*/
diff --git a/libc/stdlib/Makefile.in b/libc/stdlib/Makefile.in
index f6e471ac5..938f74448 100644
--- a/libc/stdlib/Makefile.in
+++ b/libc/stdlib/Makefile.in
@@ -17,7 +17,7 @@ CSRC-y := \
 	lldiv.c getpt.c drand48-iter.c jrand48.c \
 	jrand48_r.c lcong48.c lrand48.c lrand48_r.c mrand48.c mrand48_r.c nrand48.c \
 	nrand48_r.c rand_r.c srand48.c srand48_r.c seed48.c seed48_r.c \
-	a64l.c l64a.c __uc_malloc.c
+	a64l.c l64a.c __uc_malloc.c secure_getenv.c
 CSRC-$(UCLIBC_SUSV2_LEGACY) += valloc.c
 CSRC-$(UCLIBC_HAS_ADVANCED_REALTIME) += posix_memalign.c
 CSRC-$(UCLIBC_HAS_PTY) += grantpt.c unlockpt.c ptsname.c
diff --git a/libc/stdlib/secure_getenv.c b/libc/stdlib/secure_getenv.c
new file mode 100644
index 000000000..41cb622c8
--- /dev/null
+++ b/libc/stdlib/secure_getenv.c
@@ -0,0 +1,8 @@
+
+#include <stdlib.h>
+
+char *secure_getenv(const char *name) {
+	if (issetugid()) return NULL;
+	return getenv(name);
+}
+