From: Adhemerval Zanella
To: glibc-cvs@sourceware.org
Subject: [glibc] elf: Add GLIBC_TUNABLES to unsecvars
X-Act-Checkin: glibc
X-Git-Author: Adhemerval Zanella
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 6c6fce572fb8f583f14d898e54fd7d25ae91cf56
X-Git-Newrev: a72a4eb10b2d9aef7a53f9d2facf166a685d85fb
Message-Id: <20231121204836.6396C3858D37@sourceware.org>
Date: Tue, 21 Nov 2023 20:48:36 +0000 (GMT)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a72a4eb10b2d9aef7a53f9d2facf166a685d85fb

commit a72a4eb10b2d9aef7a53f9d2facf166a685d85fb
Author: Adhemerval Zanella
Date:   Mon Nov 6 17:25:35 2023 -0300

    elf: Add GLIBC_TUNABLES to unsecvars

    setuid/setgid process now ignores any glibc tunables, and filters out
    all environment variables that might change its behavior. This patch
    also adds GLIBC_TUNABLES, so any spawned process by setuid/setgid
    processes should set tunable explicitly.

    Checked on x86_64-linux-gnu.
    Reviewed-by: Florian Weimer
    Reviewed-by: Siddhesh Poyarekar

Diff:
---
 elf/tst-env-setuid-tunables.c | 32 ++++----------------------------
 sysdeps/generic/unsecvars.h   |  1 +
 2 files changed, 5 insertions(+), 28 deletions(-)

diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c
index f0b92c97e7..2603007b7b 100644
--- a/elf/tst-env-setuid-tunables.c
+++ b/elf/tst-env-setuid-tunables.c @@ -60,45 +60,21 @@ const char *teststrings[] = "glibc.not_valid.check=2", }; -const char *resultstrings[] = -{ - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.perturb=0x800", - "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", - "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", - "", - "", - "", - "", - "", - "", - "", -}; - static int test_child (int off) { const char *val = getenv ("GLIBC_TUNABLES"); + int ret = 1; printf (" [%d] GLIBC_TUNABLES is %s\n", off, val); fflush (stdout); - if (val != NULL && strcmp (val, resultstrings[off]) == 0) - return 0; - if (val != NULL) - printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s, expected %s\n", - off, val, resultstrings[off]); + printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); else - printf (" [%d] GLIBC_TUNABLES environment variable absent\n", off); - + ret = 0; fflush (stdout); - return 1; + return ret; } static int diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h index 8278c50a84..81397fb90b 100644 --- a/sysdeps/generic/unsecvars.h +++ b/sysdeps/generic/unsecvars.h @@ -4,6 +4,7 @@ #define UNSECURE_ENVVARS \ "GCONV_PATH\0" \ "GETCONF_DIR\0" \ + "GLIBC_TUNABLES\0" \ "HOSTALIASES\0" \ "LD_AUDIT\0" \ "LD_DEBUG\0" \
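
Review bot: In test_child in elf/tst-env-setuid-tunables.c, the unchanged first printf (" [%d] GLIBC_TUNABLES is %s\n", off, val) still passes val to %s before the NULL check, and with this change NULL is the passing case, so every successful run hands a null pointer to %s. glibc prints "(null)" for that, but the C standard leaves it undefined; move that print under the val != NULL branch, or print a fixed "absent" message in the else arm next to ret = 0. With resultstrings removed, off is now only a log label, so a short comment above test_child stating that any surviving GLIBC_TUNABLES value is a failure, whichever teststrings entry was set, would make the new pass condition explicit.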
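
Review bot: In the sysdeps/generic/unsecvars.h hunk, the new "GLIBC_TUNABLES\0" entry in UNSECURE_ENVVARS is a user-visible behavior change that this commit does not document: the diffstat lists only the test and this header. The commit message says processes spawned by setuid/setgid programs must now set tunables explicitly, so a NEWS entry and a sentence in the tunables documentation stating that the variable is dropped from the environment of setuid/setgid programs, and is therefore not inherited by their children, would let administrators who relied on inheritance find the cause. The placement between "GETCONF_DIR\0" and "HOSTALIASES\0" keeps the list in alphabetical order.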