alpine 3.9
obsolete weakness #553


Weakness Breakdown


An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.9 obsolete weakness.

 				if (pidname && strcmp(pidname, "dpid") == 0)
					found = 1;
			if (found)

			monitored_pid = pid;

		if (monitored_pid != 0 && arg_debug)
			printf("Sandbox monitor: monitoring %d\n", monitored_pid);

	// return the latest exit status.
	return status;

static void print_time(void) {
	if (start_timestamp) {
		unsigned long long end_timestamp = getticks();
		// measure 1 ms
		unsigned long long onems = getticks() - end_timestamp;
		if (onems) {
			fmessage("Child process initialized in %.02f ms\n",
				(float) (end_timestamp - start_timestamp) / (float) onems);

	fmessage("Child process initialized\n");

// check execute permissions for the program
// this is done typically by the shell
// we are here because of --shell=none
// we duplicate execvp functionality (man execvp):
//	[...] if  the  specified
//	filename  does  not contain a slash (/) character. The file is sought
//	in the colon-separated list of directory pathnames  specified  in  the
//	PATH  environment  variable.
static int ok_to_run(const char *program) {
	if (strstr(program, "/")) {
		if (access(program, X_OK) == 0) // it will also dereference symlinks
			return 1;
