about summary refs log tree commit diff
path: root/elf/dl-support.c
diff options
context:
space:
mode:
Diffstat (limited to 'elf/dl-support.c')
-rw-r--r--elf/dl-support.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 50b37e8166..75d7b1926a 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -27,6 +27,8 @@
 #include <ldsodefs.h>
 #include <dl-machine.h>
 #include <bits/libc-lock.h>
+#include <dl-librecon.h>
+#include <unsecvars.h>
 
 extern char *__progname;
 char **_dl_argv = &__progname;	/* This is checked for some error messages.  */
@@ -125,6 +127,26 @@ non_dynamic_init (void)
 
   _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
 
+  if (__libc_enable_secure)
+    {
+      static const char *unsecure_envvars[] =
+      {
+	UNSECURE_ENVVARS,
+#ifdef EXTRA_UNSECURE_ENVVARS
+	EXTRA_UNSECURE_ENVVARS
+#endif
+      };
+      size_t cnt;
+
+      for (cnt = 0;
+	   cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]);
+	   ++cnt)
+	unsetenv (unsecure_envvars[cnt]);
+
+      if (__access ("/etc/suid-debug", F_OK) != 0)
+	unsetenv ("MALLOC_CHECK_");
+    }
+
 #ifdef DL_PLATFORM_INIT
   DL_PLATFORM_INIT;
 #endif
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-07 19:35:52 +0000