[SA 2020-002] Security flaws in setuid wrappers (#943) (!944) · Merge requests · David Verdin / sympa · GitLab

David Verdin requested to merge github/fork/ikedas/sa-2020-002 into sympa-6.2 May 24, 2020

Created by: ikedas

This may fix #943 (closed) .

Setuid wrappers should clear environment variables to avoid exploits. Clear environment varialbes.
configure: Add options --disable-setuid_fcgi & --disable-setuid_queue.