egl: Ignore certain environment variables when setuid/setgid.

Specifically, ignore EGL_DRIVERS_PATH when an application is
setuid/setgid.  And ignore EGL_DRIVER when there is a slash in it.

docs/egl.html

@@ -131,7 +131,8 @@ runtime</p>
 <p>By default, the main library will look for drivers in the directory where
 the drivers are installed to.  This variable specifies a list of
 colon-separated directories where the main library will look for drivers, in
-addition to the default directory.</p>
+addition to the default directory.  This variable is ignored for setuid/setgid
+binaries.</p>
 
 </li>
 
@@ -139,7 +140,7 @@ addition to the default directory.</p>
 
 <p>This variable specifies a full path to an EGL driver and it forces the
 specified EGL driver to be loaded.  It comes in handy when one wants to test a
-specific driver.</p>
+specific driver.  This variable is ignored for setuid/setgid binaries.</p>
 
 </li>
 

src/egl/main/egldriver.c

@@ -415,6 +415,14 @@ _eglGetSearchPath(void)
       int ret;
 
       p = getenv("EGL_DRIVERS_PATH");
+#if defined(_EGL_PLATFORM_POSIX)
+      if (p && (geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVERS_PATH for setuid/setgid binaries");
+         p = NULL;
+      }
+#endif /* _EGL_PLATFORM_POSIX */
+
       if (p) {
          ret = snprintf(buffer, sizeof(buffer),
                "%s:%s", p, _EGL_DRIVER_SEARCH_DIR);
@@ -446,9 +454,15 @@ _eglPreloadUserDriver(void)
 
    env = getenv("EGL_DRIVER");
 #if defined(_EGL_PLATFORM_POSIX)
-   if (env && strchr(env, '/'))
+   if (env && strchr(env, '/')) {
       search_path = "";
-#endif
+      if ((geteuid() != getuid() || getegid() != getgid())) {
+         _eglLog(_EGL_DEBUG,
+               "ignore EGL_DRIVER for setuid/setgid binaries");
+         env = NULL;
+      }
+   }
+#endif /* _EGL_PLATFORM_POSIX */
    if (!env)
       return EGL_FALSE;