diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2023-11-06 17:25:37 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2023-11-21 16:15:42 -0300 |
| commit | 11f7e3dd8fed66e0b8740af440cd3151e55a466f (patch) | |
| tree | 69169ddfeb2a8d757a42de6e00707dc4ff247f7f /elf/Makefile | |
| parent | 9c96c87d60eafa4d78406e606e92b42bd4b570ad (diff) | |
| download | glibc-11f7e3dd8fed66e0b8740af440cd3151e55a466f.tar.gz glibc-11f7e3dd8fed66e0b8740af440cd3151e55a466f.tar.xz glibc-11f7e3dd8fed66e0b8740af440cd3151e55a466f.zip | |
elf: Add all malloc tunable to unsecvars
Some environment variables allow alteration of allocator behavior across setuid boundaries, where a setuid program may ignore the tunable, but its non-setuid child can read it and adjust the memory allocator behavior accordingly. Most library behavior tunings is limited to the current process and does not bleed in scope; so it is unclear how pratical this misfeature is. If behavior change across privilege boundaries is desirable, it would be better done with a wrapper program around the non-setuid child that sets these envvars, instead of using the setuid process as the messenger. The patch as fixes tst-env-setuid, where it fail if any unsecvars is set. It also adds a dynamic test, although it requires --enable-hardcoded-path-in-tests so kernel correctly sets the setuid bit (using the loader command directly would require to set the setuid bit on the loader itself, which is not a usual deployment). Co-authored-by: Siddhesh Poyarekar <siddhesh@sourceware.org> Checked on x86_64-linux-gnu. Reviewed-by: DJ Delorie <dj@redhat.com>
Diffstat (limited to 'elf/Makefile')
| -rw-r--r-- | elf/Makefile | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/elf/Makefile b/elf/Makefile index 761f1d0af3..1af8ca4f84 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -262,7 +262,7 @@ tests-static-normal := \ tst-array5-static \ tst-dl-iter-static \ tst-dst-static \ - tst-env-setuid \ + tst-env-setuid-static \ tst-getauxval-static \ tst-linkall-static \ tst-single_threaded-pthread-static \ @@ -306,6 +306,7 @@ tests := \ tst-auxv \ tst-decorate-maps \ tst-dl-hash \ + tst-env-setuid \ tst-leaks1 \ tst-stringtable \ tst-tls9 \ @@ -2433,9 +2434,6 @@ $(objpfx)tst-nodelete-dlclose: $(objpfx)tst-nodelete-dlclose-dso.so $(objpfx)tst-nodelete-dlclose.out: $(objpfx)tst-nodelete-dlclose-dso.so \ $(objpfx)tst-nodelete-dlclose-plugin.so -tst-env-setuid-ENV = MALLOC_CHECK_=2 MALLOC_MMAP_THRESHOLD_=4096 \ - LD_HWCAP_MASK=0x1 - $(objpfx)tst-debug1.out: $(objpfx)tst-debug1mod1.so $(objpfx)tst-debug1mod1.so: $(objpfx)testobj1.so @@ -3002,3 +3000,5 @@ $(objpfx)tst-non-directory-path.out: tst-non-directory-path.sh \ '$(test-wrapper-env)' '$(run_program_env)' \ '$(rpath-link)' $(objpfx) > $@; \ $(evaluate-test) + +tst-env-setuid-ARGS = -- $(host-test-program-cmd) |