diff options
| -rw-r--r-- | src/ldso/dynlink.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c index 8ade0737..b308b875 100644 --- a/src/ldso/dynlink.c +++ b/src/ldso/dynlink.c @@ -48,6 +48,7 @@ struct dso }; static struct dso *head, *tail, *libc; +static int trust_env; #define AUX_CNT 15 #define DYN_CNT 34 @@ -373,6 +374,11 @@ void *__dynlink(int argc, char **argv, size_t *got) /* At this point the standard library is fully functional */ + /* Only trust user/env if kernel says we're not suid/sgid */ + trust_env = (aux[0]&0x7800)==0x7800 + && aux[AT_UID]==aux[AT_EUID] + && aux[AT_GID]==aux[AT_EGID]; + head = tail = &app; libc = &lib; app.next = 0; |