After reading some comments, to avoid the problems
- immediately copy the contents of the buffer the pointer from getenv() points to
- don't use getenv after threads have been started
A library could be written which makes an immutable copy of the whole environment before starting main(). This library then hands out pointers to the environment copy. Or to be even more secure make another copy of the environment variable. This trades some efficiency for security.
In effect, ignore the mutable accessors like setenv from libc.
Or did I miss something? I am not an expert in these things.
And of course it won't solve the problem of two other libraries fighting with each other...
- immediately copy the contents of the buffer the pointer from getenv() points to
- don't use getenv after threads have been started
A library could be written which makes an immutable copy of the whole environment before starting main(). This library then hands out pointers to the environment copy. Or to be even more secure make another copy of the environment variable. This trades some efficiency for security.
In effect, ignore the mutable accessors like setenv from libc.
Or did I miss something? I am not an expert in these things.
And of course it won't solve the problem of two other libraries fighting with each other...