summary refs log tree commit diff
path: root/elf/rtld.c
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2004-12-07 06:55:06 +0000
committerUlrich Drepper <drepper@redhat.com>2004-12-07 06:55:06 +0000
commit00a121627cc88aca49d342f674c49d6c14ae1622 (patch)
treefa317ddf265be3bf577d4096ba07b58245b30b19 /elf/rtld.c
parentbbd0bf24e928516d47a63d0076d9abafb8ce6e95 (diff)
downloadglibc-00a121627cc88aca49d342f674c49d6c14ae1622.tar.gz
glibc-00a121627cc88aca49d342f674c49d6c14ae1622.tar.xz
glibc-00a121627cc88aca49d342f674c49d6c14ae1622.zip
2004-12-01  Jakub Jelinek  <jakub@redhat.com>

	* elf/rtld.c (process_envvars): Don't consider LD_SHOW_AUXV
	and LD_DYNAMIC_WEAK if __libc_enable_secure.
	If __libc_enable_secure, /etc/suid-debug doesn't exist and
	program will be actually run, turn off all debugging.
	* sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add LD_DEBUG,
	LD_DYNAMIC_WEAK and LD_SHOW_AUXV.
Diffstat (limited to 'elf/rtld.c')
-rw-r--r--elf/rtld.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/elf/rtld.c b/elf/rtld.c
index 601fc7d53c..13f7b4f748 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2158,7 +2158,8 @@ process_envvars (enum mode *modep)
 	case 9:
 	  /* Test whether we want to see the content of the auxiliary
 	     array passed up from the kernel.  */
-	  if (memcmp (envline, "SHOW_AUXV", 9) == 0)
+	  if (!INTUSE(__libc_enable_secure)
+	      && memcmp (envline, "SHOW_AUXV", 9) == 0)
 	    _dl_show_auxv ();
 	  break;
 
@@ -2191,7 +2192,8 @@ process_envvars (enum mode *modep)
 	      break;
 	    }
 
-	  if (memcmp (envline, "DYNAMIC_WEAK", 12) == 0)
+	  if (!INTUSE(__libc_enable_secure)
+	      && memcmp (envline, "DYNAMIC_WEAK", 12) == 0)
 	    GLRO(dl_dynamic_weak) = 1;
 	  break;
 
@@ -2265,7 +2267,11 @@ process_envvars (enum mode *modep)
       while (*nextp != '\0');
 
       if (__access ("/etc/suid-debug", F_OK) != 0)
-	unsetenv ("MALLOC_CHECK_");
+        {
+	  unsetenv ("MALLOC_CHECK_");
+	  if (mode == normal)
+	    GLRO(dl_debug_mask) = 0;
+        }
     }
   /* If we have to run the dynamic linker in debugging mode and the
      LD_DEBUG_OUTPUT environment variable is given, we write the debug