coreutils: Protect against env -a for security

[oech3]

env -a false ls does not fail. Works under masked /proc.
Closes #10135

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/tty/tty-eof (fails in this run but passes in the 'main' branch)
Skipping an intermittent issue tests/misc/usage_vs_getopt (passes in this run but fails in the 'main' branch)
Skipping an intermittent issue tests/shuf/shuf-reservoir (passes in this run but fails in the 'main' branch)
Skipping an intermittent issue tests/sort/sort-stale-thread-mem (passes in this run but fails in the 'main' branch)
Note: The gnu test tests/basenc/bounded-memory is now being skipped but was previously passing.

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/shuf/shuf-reservoir (fails in this run but passes in the 'main' branch)
Skip an intermittent issue tests/sort/sort-stale-thread-mem (fails in this run but passes in the 'main' branch)

[codspeed-hq]

Merging this PR will not alter performance

✅ 3 untouched benchmarks
⏩ 319 skipped benchmarks¹

---

_{Comparing oech3:auxval (3f57dd7) with main (194d980)}

Footnotes

1. 319 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[github-actions]

GNU testsuite comparison:

GNU test failed: tests/cut/bounded-memory. tests/cut/bounded-memory is passing on 'main'. Maybe you have to rebase?
Congrats! The gnu test tests/pr/bounded-memory is no longer failing!

[ChrisDryden]

I think it would make sense for this code to go into the validation.rs file instead of in the main.rs, then you don't have to worry about importing libc.

It would be good to have an additional integration test that shows the env -a working

[oech3]

coreutils/src/common/validation.rs

Lines 69 to 77 in 194d980

	/// Gets the binary path from command line arguments
	/// # Panics
	/// Panics if the binary path cannot be determined
	pub fn binary_path(args: &mut impl Iterator<Item = OsString>) -> PathBuf {
	match args.next() {
	Some(ref s) if !s.is_empty() => PathBuf::from(s),
	_ => std::env::current_exe().unwrap(),
	}
	}

Wait! Why are we using std::env::current_exe at here which depends on /proc?
cc: @Ecordonnier

[github-actions]

GNU testsuite comparison:

Congrats! The gnu test tests/tail/tail-n0f is now passing!

[oech3]

It would be good to have an additional integration test that shows the env -a working

Done

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/shuf/shuf-reservoir (fails in this run but passes in the 'main' branch)
Skip an intermittent issue tests/sort/sort-stale-thread-mem (fails in this run but passes in the 'main' branch)
Congrats! The gnu test tests/tail/tail-n0f is now passing!

[github-actions]

GNU testsuite comparison:

Congrats! The gnu test tests/tail/tail-n0f is now passing!

[oech3]

no idea how to remove argv[0] dispatch dep from test_env_arg_argv0_overwrite_mixed_with_string_args coreutils.
We can use system sh for other env tests.

[github-actions]

GNU testsuite comparison:

GNU test failed: tests/cut/bounded-memory. tests/cut/bounded-memory is passing on 'main'. Maybe you have to rebase?
GNU test failed: tests/pr/bounded-memory. tests/pr/bounded-memory is passing on 'main'. Maybe you have to rebase?
Congrats! The gnu test tests/tail/tail-n0f is now passing!