about summary refs log tree commit diff
path: root/sysdeps/generic/unsecvars.h
Commit message (Collapse)AuthorAgeFilesLines
* Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug #21209)Siddhesh Poyarekar2017-03-071-0/+1
| | | | | | | | | | | | | | | | | | | The LD_HWCAP_MASK environment variable may alter the selection of function variants for some architectures. For AT_SECURE process it means that if an outdated routine has a bug that would otherwise not affect newer platforms by default, LD_HWCAP_MASK will allow that bug to be exploited. To be on the safe side, ignore and disable LD_HWCAP_MASK for setuid binaries. [BZ #21209] * elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for AT_SECURE processes. * sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK. * elf/tst-env-setuid.c (test_parent): Test LD_HWCAP_MASK. (test_child): Likewise. * elf/Makefile (tst-env-setuid-ENV): Add LD_HWCAP_MASK.
* Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073)Siddhesh Poyarekar2017-02-021-0/+7
| | | | | | | | | | | | | A setxid program that uses a glibc with tunables disabled may pass on GLIBC_TUNABLES as is to its child processes. If the child process ends up using a different glibc that has tunables enabled, it will end up getting access to unsafe tunables. To fix this, remove GLIBC_TUNABLES from the environment for setxid process. * sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES. * elf/tst-env-setuid-tunables.c (test_child_tunables)[!HAVE_TUNABLES]: Verify that GLIBC_TUNABLES is removed in a setgid process.
* * malloc/malloc.c (_int_malloc): Remove unused any_larger variable.Ulrich Drepper2006-10-111-0/+1
| | | | | | | * nis/nis_defaults.c (__nis_default_access): Don't call getenv twice. * nis/nis_subr.c (nis_getnames): Use __secure_getenv instead of getenv. * sysdeps/generic/unsecvars.h: Add NIS_PATH.
* * csu/elf-init.c (__libc_csu_fini): Don't do anything here. Ulrich Drepper2005-01-061-8/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sysdeps/generic/libc-start.c: Don't register program destructor here. * dlfcn/Makefile: Add rules to build dlfcn.c. (LDFLAGS-dl.so): Removed. * dlfcn/dlclose.c: _dl_close is now in ld.so, use function pointer table. * dlfcn/dlmopen.c: Likewise for _dl_open. * dlfcn/dlopen.c: Likewise. * dlfcn/dlopenold.c: Likewise. * elf/dl-libc.c: Likewise for _dl_open and _dl_close. * elf/Makefile (routines): Remove dl-open and dl-close. (dl-routines): Add dl-open, dl-close, and dl-trampoline. Add rules to build and run tst-audit1. * elf/tst-audit1.c: New file. * elf/tst-auditmod1.c: New file. * elf/Versions [libc]: Remove _dl_open and _dl_close. * elf/dl-close.c: Change for use inside ld.so instead of libc.so. * elf/dl-open.c: Likewise. * elf/dl-debug.c (_dl_debug_initialize): Allow reinitialization, signaled by nonzero parameter. * elf/dl-init.c: Fix use of r_state. * elf/dl-load.c: Likewise. * elf/dl-close.c: Add auditing checkpoints. * elf/dl-open.c: Likewise. * elf/dl-fini.c: Likewise. * elf/dl-load.c: Likewise. * elf/dl-sym.c: Likewise. * sysdeps/generic/libc-start.c: Likewise. * elf/dl-object.c: Allocate memory for auditing information. * elf/dl-reloc.c: Remove RESOLV. We now always need the map. Correctly initialize slotinfo. * elf/dynamic-link.h: Adjust after removal of RESOLV. * sysdeps/hppa/dl-lookupcfg.h: Likewise. * sysdeps/ia64/dl-lookupcfg.h: Likewise. * sysdeps/powerpc/powerpc64/dl-lookupcfg.h: Removed. * elf/dl-runtime.c (_dl_fixup): Little cleanup. (_dl_profile_fixup): New parameters to point to register struct and variable for frame size. Add auditing checkpoints. (_dl_call_pltexit): New function. Don't define trampoline code here. * elf/rtld.c: Recognize LD_AUDIT. Load modules on startup. Remove all the functions from _rtld_global_ro which only _dl_open and _dl_close needed. Add auditing checkpoints. * elf/link.h: Define symbols for auditing interfaces. * include/link.h: Likewise. * include/dlfcn.h: Define __RTLD_AUDIT. Remove prototypes for _dl_open and _dl_close. Adjust access to argc and argv in libdl. * dlfcn/dlfcn.c: New file. * sysdeps/generic/dl-lookupcfg.h: Remove all content now that RESOLVE is gone. * sysdeps/generic/ldsodefs.h: Add definitions for auditing interfaces. * sysdeps/generic/unsecvars.h: Add LD_AUDIT. * sysdeps/i386/dl-machine.h: Remove trampoline code here. Adjust for removal of RESOLVE. * sysdeps/x86_64/dl-machine.h: Likewise. * sysdeps/generic/dl-trampoline.c: New file. * sysdeps/i386/dl-trampoline.c: New file. * sysdeps/x86_64/dl-trampoline.c: New file. * sysdeps/generic/dl-tls.c: Cleanups. Fixup for dtv_t change. Fix updating of DTV. * sysdeps/generic/libc-tls.c: Likewise. * sysdeps/arm/bits/link.h: Renamed to ... * sysdeps/arm/buts/linkmap.h: ...this. * sysdeps/generic/bits/link.h: Renamed to... * sysdeps/generic/bits/linkmap.h: ...this. * sysdeps/hppa/bits/link.h: Renamed to... * sysdeps/hppa/bits/linkmap.h: ...this. * sysdeps/hppa/i386/link.h: Renamed to... * sysdeps/hppa/i386/linkmap.h: ...this. * sysdeps/hppa/ia64/link.h: Renamed to... * sysdeps/hppa/ia64/linkmap.h: ...this. * sysdeps/hppa/s390/link.h: Renamed to... * sysdeps/hppa/s390/linkmap.h: ...this. * sysdeps/hppa/sh/link.h: Renamed to... * sysdeps/hppa/sh/linkmap.h: ...this. * sysdeps/hppa/x86_64/link.h: Renamed to... * sysdeps/hppa/x86_64/linkmap.h: ...this. 2005-01-06 Ulrich Drepper <drepper@redhat.com> * allocatestack.c (init_one_static_tls): Adjust initialization of DTV entry for static tls deallocation fix. * sysdeps/alpha/tls.h (dtv_t): Change pointer type to be struct which also contains information whether the memory pointed to is static TLS or not. * sysdeps/i386/tls.h: Likewise. * sysdeps/ia64/tls.h: Likewise. * sysdeps/powerpc/tls.h: Likewise. * sysdeps/s390/tls.h: Likewise. * sysdeps/sh/tls.h: Likewise. * sysdeps/sparc/tls.h: Likewise. * sysdeps/x86_64/tls.h: Likewise.
* (CFLAGS-tst-align.c): Add -mpreferred-stack-boundary=4.Ulrich Drepper2004-12-221-10/+8
|
* 2.5-18.1Jakub Jelinek2007-07-121-8/+10
|
* Update. cvs/fedora-glibc-20041207T1331Ulrich Drepper2004-12-071-0/+3
| | | | | | | | | | | 2004-12-01 Jakub Jelinek <jakub@redhat.com> * elf/rtld.c (process_envvars): Don't consider LD_SHOW_AUXV and LD_DYNAMIC_WEAK if __libc_enable_secure. If __libc_enable_secure, /etc/suid-debug doesn't exist and program will be actually run, turn off all debugging. * sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add LD_DEBUG, LD_DYNAMIC_WEAK and LD_SHOW_AUXV.
* Update.Ulrich Drepper2004-11-271-0/+1
| | | | | | | | | | | | | | 2004-11-26 Jakub Jelinek <jakub@redhat.com> * sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add GETCONF_DIR. 2004-11-26 Kaz Kojima <kkojima@rr.iij4u.or.jp> * sysdeps/unix/sysv/linux/mips/pread.c: Include sgidefs.h only if NO_SGIDEFS_H isn't defined. Don't include sgidefs.h twice. * sysdeps/unix/sysv/linux/mips/pwrite.c: Likewise. * sysdeps/unix/sysv/linux/mips/pread64.c: Likewise. * sysdeps/unix/sysv/linux/mips/pwrite64.c: Likewise.
* Update.Ulrich Drepper2003-11-261-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2003-11-25 Ulrich Drepper <drepper@redhat.com> * posix/runptests.c (main): Make errors fatal. * posix/PTESTS: One test in GA135 and GA136 check functionality which seems not guaranteed. 2003-11-25 Jakub Jelinek <jakub@redhat.com> * posix/regexec.c (re_search_internal): If prune_impossible_nodes returned REG_NOMATCH, set match_last to -1. Don't initialize pmatch[0] needlessly. Fix comment. (prune_impossible_nodes): Don't segfault on NULL state_log entry. (set_regs): Fix comment. * posix/regcomp.c (parse_bracket_exp): Only set has_plural_match if adding both SIMPLE_BRACKET and COMPLEX_BRACKET. (build_charclass_op): Set has_plural_match if adding both SIMPLE_BRACKET and COMPLEX_BRACKET. * posix/bug-regex11.c (tests): Fix register values for one commented out test. Add new tests. * posix/regex_internal.c (re_string_allocate): Make sure init_len is at least dfa->mb_cur_max. (re_string_reconstruct): If is_utf8, don't fall back into re_string_skip_chars just because idx points into a middle of valid UTF-8 character. Instead, set the wcs bytes which correspond to the partial character bytes to WEOF. * posix/regexec.c (re_search_internal): Allocate input.bufs_len + 1 instead of dfa->nodes_len + 1 state_log entries initially. * posix/bug-regex20.c (main): Uncomment backwards case insensitive tests.
* Update.Ulrich Drepper2001-11-061-11/+18
| | | | | | | | | | | | | * elf/elf.h: Add dynamic tag definitions for prelinking. * elf/rtld.c (process_envvars): Avoid using array of string pointers. Rewrite code to remove environment varables for SUID binaries. Small optimization in LD_PROFILE handling. * sysdeps/generic/unsecvars.h: Adjust format for process_envvars changes. * sysdeps/unix/sysv/linux/i386/dl-librecon.h: Likewise. * sysdeps/generic/dl-sysdep.c: Don't initialize _dl_cpuclock_offset.
* Update.Ulrich Drepper2001-01-081-0/+1
| | | | | * resolv/res_query.c: Use simply getenv() for HOSTALIASES. * sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add HOSTALIASES.
* Update.Ulrich Drepper2001-01-081-1/+1
| | | | * sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add missing comma.
* Update.Ulrich Drepper2000-09-261-0/+11
2000-09-26 Thorsten Kukuk <kukuk@suse.de> * nscd/dbg_log.c (dbg_log): Add missing format string. * catgets/catgets.c (catopen): Use getenv instead of __secure_getenv since we filter out the variable once. * iconv/gconv_conf.c (__gconv_get_path): Likewise. * locale/newlocale.c (__newlocale): Likewise. * locale/setlocale.c (setlocale): Likewise. * malloc/malloc.c (ptmalloc_init): Likewise. * resolv/res_hconf.c (_res_hconf_init): Likewise. * resolv/res_init.c (__res_vinit): Likewise. * time/tzfile.c (__tzfile_read): Likewise. * sysdeps/generic/unsecvars.h: New file. * elf/dl-support.c (non_dynamic_init): Use it here to remove variables. * elf/rtld.c (process_envvars): Likewise. * elf/Makefile (distribute): Add unsecvars.h.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-02 07:15:08 +0000