Update.

	* elf/dl-load.c (expand_dynamic_string_token): Don't expand
	$ORIGIN for SUID binaries.

2 files changed, 8 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 383622fbec..4a65061e5d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 1999-05-03  Ulrich Drepper  <drepper@cygnus.com>
 
+	* elf/dl-load.c (expand_dynamic_string_token): Don't expand
+	$ORIGIN for SUID binaries.
+
 	* sysdeps/unix/sysv/linux/arm/Dist: Add sigrestorer.S.
 
 1999-05-02  Andreas Schwab  <schwab@issan.cs.uni-dortmund.de>
diff --git a/elf/dl-load.c b/elf/dl-load.c
index d9645e6f54..c1d1d7eede 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -161,7 +161,9 @@ expand_dynamic_string_token (struct link_map *l, const char *s)
     {
       size_t len = 1;
 
-      if (((strncmp (&sf[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
+      /* $ORIGIN is not expanded for SUID/GUID programs.  */
+      if (((!__libc_enable_secure
+	    && strncmp (&sf[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
 	   || (strncmp (&sf[1], "PLATFORM", 8) == 0 && (len = 9) != 0))
 	  && (s[len] == '\0' || s[len] == '/' || s[len] == ':'))
 	++cnt;
@@ -209,7 +211,8 @@ expand_dynamic_string_token (struct link_map *l, const char *s)
 	  const char *repl;
 	  size_t len;
 
-	  if (((strncmp (&s[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
+	  if (((!__libc_enable_secure
+		&& strncmp (&s[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
 	       || (strncmp (&s[1], "PLATFORM", 8) == 0 && (len = 9) != 0))
 	      && (s[len] == '\0' || s[len] == '/' || s[len] == ':'))
 	    {