From d370155b9ab73d0c45bf968b7a9c823f4697a505 Mon Sep 17 00:00:00 2001
From: Joe Talbott <joetalbott@gmail.com>
Date: Fri, 1 Mar 2024 17:42:10 +0000
Subject: manual/tunables - Add entry for enable_secure tunable.

---
 manual/tunables.texi | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/manual/tunables.texi b/manual/tunables.texi
index be97190d67..4a7d04dc0d 100644
--- a/manual/tunables.texi
+++ b/manual/tunables.texi
@@ -345,6 +345,16 @@ performance issues of @samp{1}.
 The default value of this tunable is @samp{2}.
 @end deftp
 
+@deftp Tunable glibc.rtld.enable_secure
+Used to run a program as if it were a setuid process.  The only valid value
+is @samp{1} as this tunable can only be used to set and not unset
+@code{enable_secure}.  Setting this tunable to @samp{1} also disables all other
+tunables.  This tunable is intended to facilitate more extensive verification
+tests for @code{AT_SECURE} programs and not meant to be a security feature.
+
+The default value of this tunable is @samp{0}.
+@end deftp
+
 @node Elision Tunables
 @section Elision Tunables
 @cindex elision tunables
-- 
cgit 1.4.1