Diffstat (limited to 'src/evalfunc.c')
-rw-r--r--src/evalfunc.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/evalfunc.c b/src/evalfunc.c
index f9b81c6054..9e4e26ba0c 100644
--- a/src/evalfunc.c
+++ b/src/evalfunc.c
@@ -9723,6 +9723,12 @@ f_setenv(typval_T *argvars, typval_T *rettv UNUSED)
if (in_vim9script() && check_for_string_arg(argvars, 0) == FAIL)
return;
+ // seting an environment variable may be dangerous, e.g. you could
+ // setenv GCONV_PATH=/tmp and then have iconv() unexpectedly call
+ // a shell command using some shared library:
+ if (check_restricted() || check_secure())
+ return;
+
name = tv_get_string_buf(&argvars[0], namebuf);
if (argvars[1].v_type == VAR_SPECIAL
&& argvars[1].vval.v_number == VVAL_NULL)
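Review bot: The comment added above the new guard in f_setenv() misspells "setting" and ends in a colon, as if an example followed, when the next line is the check itself. I would write it as `// Setting an environment variable may be dangerous, e.g. you could` and close the third line with a period: `// a shell command using some shared library.`. The guard itself covers only setenv(); whether other ways of changing the environment from script (for example `:let $NAME = value`) apply the same check_restricted()/check_secure() test cannot be seen from this hunk and is worth confirming, since the risk described is the same on any path. Note that setenv(name, v:null), the unset branch just below, is now rejected in restricted mode and the sandbox as well, which looks intended but is not stated in the comment. The body of f_setenv() starts and ends outside the hunk.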