nsswitch: do not reload if "/" changes

https://sourceware.org/bugzilla/show_bug.cgi?id=27077 Before reloading nsswitch.conf, verify that the root directory hasn't changed - if it has, it's likely that we've entered a container and should not trust the nsswitch inside the container nor load any shared objects therein. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
author: DJ Delorie <dj@redhat.com> 2021-01-15 19:50:00 -0500
committer: DJ Delorie <dj@redhat.com> 2021-01-27 13:35:15 -0500
commit: 429029a73ec2dba7f808f69ec8b9e3d84e13e804 (patch)
tree: cfe71d0e361692d5aabff4d8eaa00f2638f69fe4 /nss/nss_module.h
parent: 01cdcf783a666481133d4975b1980624b0ef4799 (diff)
download: glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.gz
glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.xz
glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/nss/nss_module.h b/nss/nss_module.h
index 06e8c29040..05c4791d11 100644
--- a/nss/nss_module.h
+++ b/nss/nss_module.h
@@ -87,6 +87,9 @@ bool __nss_module_load (struct nss_module *module) attribute_hidden;
 void *__nss_module_get_function (struct nss_module *module, const char *name)
   attribute_hidden;
 
+/* Block attempts to dlopen any module we haven't already opened.  */
+void __nss_module_disable_loading (void);
+
 /* Called from __libc_freeres.  */
 void __nss_module_freeres (void) attribute_hidden;
author	DJ Delorie <dj@redhat.com>	2021-01-15 19:50:00 -0500
committer	DJ Delorie <dj@redhat.com>	2021-01-27 13:35:15 -0500
commit	429029a73ec2dba7f808f69ec8b9e3d84e13e804 (patch)
tree	cfe71d0e361692d5aabff4d8eaa00f2638f69fe4 /nss/nss_module.h
parent	01cdcf783a666481133d4975b1980624b0ef4799 (diff)
download	glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.gz glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.xz glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.zip