nixos/wrapper: pass trusted argv[0] to the privileged executable

Vulnerabilities caused by argv[0] mishandling in privileged code keep coming
up, recently CVE-2021-4034 in polkit and CVE-2023-6246 in glibc. On the other
hand, legitimate handling of argv[0] is mostly limited to logging and
multiplexing different functionality depending on the basename of the link (an
example for the latter is sudo/sudoedit).
On NixOS, by far the most common source of untrusted argv[0] to privileged
processes should be the wrapper, and it is not used for multiplexing (separate
wrappers are used instead). So we always pass the path of the wrapped program
as argv[0]. Obsolete mitigations for older argv[0]-based issues are deleted.

0 files changed, 0 insertions, 0 deletions