From 3e786f4b0d5df1956fe763ed68f1c8ce8519f0aa Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 27 Dec 2003 16:07:18 +0000 Subject: [PATCH] Only use environment variables if uid and gid are the same as euid and egid. This is part of a large change submitted by Markus Friedl --- crypto/threads/mttest.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index 54d598565d..7588966cb2 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -243,7 +243,8 @@ bad: goto end; } - if (cipher == NULL) cipher=getenv("SSL_CIPHER"); + if (cipher == NULL && OPENSSL_issetugid() == 0) + cipher=getenv("SSL_CIPHER"); SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); -- 2.25.1