public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
* [glibc] elf: Add comments on how LD_AUDIT and LD_PRELOAD handle __libc_enable_secure
@ 2023-11-21 20:49 Adhemerval Zanella
0 siblings, 0 replies; only message in thread
From: Adhemerval Zanella @ 2023-11-21 20:49 UTC (permalink / raw)
To: glibc-cvs
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=780c33920281c5d5cc42a1e578bdc9218e675405
commit 780c33920281c5d5cc42a1e578bdc9218e675405
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Mon Nov 6 17:25:50 2023 -0300
elf: Add comments on how LD_AUDIT and LD_PRELOAD handle __libc_enable_secure
To make explicit why __libc_enable_secure is not checked.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Diff:
---
elf/rtld.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/elf/rtld.c b/elf/rtld.c
index 7d4c843e7e..0553c05edb 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2561,6 +2561,10 @@ process_envvars (struct dl_main_state *state)
process_dl_debug (state, &envline[6]);
break;
}
+ /* For __libc_enable_secure mode, audit pathnames containing slashes
+ are ignored. Also, shared audit objects are only loaded only from
+ the standard search directories and only if they have set-user-ID
+ mode bit enabled. */
if (memcmp (envline, "AUDIT", 5) == 0)
audit_list_add_string (&state->audit_list, &envline[6]);
break;
@@ -2573,7 +2577,10 @@ process_envvars (struct dl_main_state *state)
break;
}
- /* List of objects to be preloaded. */
+ /* For __libc_enable_secure mode, preload pathnames containing slashes
+ are ignored. Also, shared objects are only preloaded from the
+ standard search directories and only if they have set-user-ID mode
+ bit enabled. */
if (memcmp (envline, "PRELOAD", 7) == 0)
{
state->preloadlist = &envline[8];
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-11-21 20:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-21 20:49 [glibc] elf: Add comments on how LD_AUDIT and LD_PRELOAD handle __libc_enable_secure Adhemerval Zanella
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).