secure_getenv() returns NULL when I do setcap to executable file.

[JayJay-K]

I made executable file in the linux by using kubernetes-client/c code. There was a problem because secure_getenv( ) returned NULL when I did setcap to the executable file. I have to use setcap to the executable file because it's a non-root process and it needs some linux capabilities.

How can I solve the problem, if I have to use setcap to the executable file? I checked the manual for secure_getenv() and I guess my program requires "secure execution" in the manual Do I have to use secure_getenv() instead of simple getenv() in this situation?

[ityuhui]

I think setcap and secure_getenv cannot take effect at the same time. If you need setcap, you can use getenv instead but there are vulnerabilities that could occur if set-user-ID or set-group-ID programs accidentally trusted the environment.