diff options
author | Ulrich Drepper <drepper@redhat.com> | 2003-05-06 06:34:21 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2003-05-06 06:34:21 +0000 |
commit | be4d80380a87ab758aecb4e25695b264d36156da (patch) | |
tree | 1eff92d850952d6f9ff8e6e9a1aea83022783092 | |
parent | 9946f75ad4b3183a09c3f3ff1c3554613fb4f485 (diff) | |
download | glibc-be4d80380a87ab758aecb4e25695b264d36156da.tar.gz glibc-be4d80380a87ab758aecb4e25695b264d36156da.tar.xz glibc-be4d80380a87ab758aecb4e25695b264d36156da.zip |
Update.
* sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New variable. (__libc_init_secure): Don't do anything if __libc_enable_secure_decided is nonzero. * include/unistd.h: Declare __libc_enable_secure_decided. * elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID, and AT_EGID. If all found, set __libc_enable_secure and __libc_enable_secure_decided.
-rw-r--r-- | ChangeLog | 9 | ||||
-rw-r--r-- | elf/dl-support.c | 25 | ||||
-rw-r--r-- | include/unistd.h | 1 | ||||
-rw-r--r-- | linuxthreads/ChangeLog | 5 | ||||
-rw-r--r-- | nptl/ChangeLog | 4 | ||||
-rw-r--r-- | sysdeps/generic/enbl-secure.c | 9 |
6 files changed, 50 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog index db7699697b..5cc3a1976d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,14 @@ 2003-05-05 Ulrich Drepper <drepper@redhat.com> + * sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New + variable. + (__libc_init_secure): Don't do anything if __libc_enable_secure_decided + is nonzero. + * include/unistd.h: Declare __libc_enable_secure_decided. + * elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID, + and AT_EGID. If all found, set __libc_enable_secure and + __libc_enable_secure_decided. + * sysdeps/generic/libc-start.c [!SHARED]: Call __libc_check_standard_fds after __libc_init_first. diff --git a/elf/dl-support.c b/elf/dl-support.c index 2ff3d2f905..0d6ce6a12b 100644 --- a/elf/dl-support.c +++ b/elf/dl-support.c @@ -148,6 +148,10 @@ void internal_function _dl_aux_init (ElfW(auxv_t) *av) { + int seen = 0; + uid_t uid = 0; + gid_t gid = 0; + for (; av->a_type != AT_NULL; ++av) switch (av->a_type) { @@ -168,7 +172,28 @@ _dl_aux_init (ElfW(auxv_t) *av) GL(dl_sysinfo) = av->a_un.a_val; break; #endif + case AT_UID: + uid ^= av->a_un.a_val; + seen |= 1; + break; + case AT_EUID: + uid ^= av->a_un.a_val; + seen |= 2; + break; + case AT_GID: + gid ^= av->a_un.a_val; + seen |= 4; + break; + case AT_EGID: + gid ^= av->a_un.a_val; + seen |= 8; + break; } + if (seen == 0xf) + { + __libc_enable_secure = uid != 0 || gid != 0; + __libc_enable_secure_decided = 1; + } } #endif diff --git a/include/unistd.h b/include/unistd.h index eba14514c1..a66e97822d 100644 --- a/include/unistd.h +++ b/include/unistd.h @@ -140,6 +140,7 @@ libc_hidden_proto (__sbrk) and some functions contained in the C library ignore various environment variables that normally affect them. */ extern int __libc_enable_secure; +extern int __libc_enable_secure_decided; #ifdef IS_IN_rtld /* XXX The #ifdef should go. */ extern int __libc_enable_secure_internal attribute_hidden; diff --git a/linuxthreads/ChangeLog b/linuxthreads/ChangeLog index 8f695c631f..c435b54e2f 100644 --- a/linuxthreads/ChangeLog +++ b/linuxthreads/ChangeLog @@ -1,3 +1,8 @@ +2003-05-05 Ulrich Drepper <drepper@redhat.com> + + * sysdeps/i386/tls.h (TLS_DO_SET_THREAD_AREA): Add \n to error + messages. + 2003-05-04 Roland McGrath <roland@redhat.com> * Makefile ($(objpfx)../libc.so): New target. diff --git a/nptl/ChangeLog b/nptl/ChangeLog index a1efb2bf26..791d2ece5a 100644 --- a/nptl/ChangeLog +++ b/nptl/ChangeLog @@ -1,3 +1,7 @@ +2003-05-05 Ulrich Drepper <drepper@redhat.com> + + * sysdeps/i386/tls.h (TLS_INIT_TP): Include \n in error message. + 2003-05-04 Roland McGrath <roland@redhat.com> * Makefile ($(objpfx)../libc.so): New target. diff --git a/sysdeps/generic/enbl-secure.c b/sysdeps/generic/enbl-secure.c index c811712087..fac3b9c527 100644 --- a/sysdeps/generic/enbl-secure.c +++ b/sysdeps/generic/enbl-secure.c @@ -1,5 +1,5 @@ /* Define and initialize the `__libc_enable_secure' flag. Generic version. - Copyright (C) 1996, 1997, 1998, 2000 Free Software Foundation, Inc. + Copyright (C) 1996, 1997, 1998, 2000, 2003 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -23,12 +23,15 @@ #include <unistd.h> #include <libc-internal.h> +/* If nonzero __libc_enable_secure is already set. */ +int __libc_enable_secure_decided; /* Safest assumption, if somehow the initializer isn't run. */ int __libc_enable_secure = 1; void __libc_init_secure (void) { - __libc_enable_secure = (__geteuid () != __getuid () - || __getegid () != __getgid ()); + if (__libc_enable_secure_decided == 0) + __libc_enable_secure = (__geteuid () != __getuid () + || __getegid () != __getgid ()); } |