coreutils: Protect against env -a for security

[oech3]

env -a false ls does not fail. Works under masked /proc.
Closes #10135

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/tty/tty-eof (fails in this run but passes in the 'main' branch)
Skipping an intermittent issue tests/misc/usage_vs_getopt (passes in this run but fails in the 'main' branch)
Skipping an intermittent issue tests/shuf/shuf-reservoir (passes in this run but fails in the 'main' branch)
Skipping an intermittent issue tests/sort/sort-stale-thread-mem (passes in this run but fails in the 'main' branch)
Note: The gnu test tests/basenc/bounded-memory is now being skipped but was previously passing.

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/shuf/shuf-reservoir (fails in this run but passes in the 'main' branch)
Skip an intermittent issue tests/sort/sort-stale-thread-mem (fails in this run but passes in the 'main' branch)

[codspeed-hq]

Merging this PR will improve performance by 3.22%

⚡ 1 improved benchmark
✅ 283 untouched benchmarks
⏩ 38 skipped benchmarks¹

Performance Changes

	Mode	Benchmark	BASE	HEAD	Efficiency
⚡	Simulation	cp_large_file[16]	391.2 µs	379 µs	+3.22%

---

_{Comparing oech3:auxval (526f6fc) with main (194d980)}

Footnotes

1. 38 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[github-actions]

GNU testsuite comparison:

GNU test failed: tests/cut/bounded-memory. tests/cut/bounded-memory is passing on 'main'. Maybe you have to rebase?
Congrats! The gnu test tests/pr/bounded-memory is no longer failing!

[ChrisDryden]

I think it would make sense for this code to go into the validation.rs file instead of in the main.rs, then you don't have to worry about importing libc.

It would be good to have an additional integration test that shows the env -a working

[oech3]

coreutils/src/common/validation.rs

Lines 69 to 77 in 194d980

	/// Gets the binary path from command line arguments
	/// # Panics
	/// Panics if the binary path cannot be determined
	pub fn binary_path(args: &mut impl Iterator<Item = OsString>) -> PathBuf {
	match args.next() {
	Some(ref s) if !s.is_empty() => PathBuf::from(s),
	_ => std::env::current_exe().unwrap(),
	}
	}

Wait! Why are we using std::env::current_exe at here which depends on /proc?
cc: @Ecordonnier

[github-actions]

GNU testsuite comparison:

Congrats! The gnu test tests/tail/tail-n0f is now passing!

[oech3]

It would be good to have an additional integration test that shows the env -a working

Done

[github-actions]

GNU testsuite comparison:

Skip an intermittent issue tests/shuf/shuf-reservoir (fails in this run but passes in the 'main' branch)
Skip an intermittent issue tests/sort/sort-stale-thread-mem (fails in this run but passes in the 'main' branch)
Congrats! The gnu test tests/tail/tail-n0f is now passing!