From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 7932) id 437B63858C5F; Fri, 1 Mar 2024 17:43:29 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 437B63858C5F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1709315009; bh=rRqLs8RLUpHPYaGYm//Em7R5Mr7uV6QHo970ZQwDmoM=; h=From:To:Subject:Date:From; b=qB/ifAfiiE4dyjjAOHPPdYyckxsIhWpwypSdmTD1nGpW51CpwSxYKszTc2Ea6OkgM Z1ZlQCUGPlrL4Iuu1MS+kbcVHcX6nbOZEBvuGL94/eKkfB0FsuqzXXzsIbGuCIX1g+ jlcpOeHeUgseiwT//Kxc92H0YNny/BORYr9px0gs= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Joe Simmons-Talbott To: glibc-cvs@sourceware.org Subject: [glibc] manual/tunables - Add entry for enable_secure tunable. X-Act-Checkin: glibc X-Git-Author: Joe Talbott X-Git-Refname: refs/heads/master X-Git-Oldrev: 18a81441ba34466a4fcf491290443cbf1a7c20cc X-Git-Newrev: d370155b9ab73d0c45bf968b7a9c823f4697a505 Message-Id: <20240301174329.437B63858C5F@sourceware.org> Date: Fri, 1 Mar 2024 17:43:29 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d370155b9ab73d0c45bf968b7a9c823f4697a505 commit d370155b9ab73d0c45bf968b7a9c823f4697a505 Author: Joe Talbott Date: Fri Mar 1 17:42:10 2024 +0000 manual/tunables - Add entry for enable_secure tunable. Diff: --- manual/tunables.texi | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/manual/tunables.texi b/manual/tunables.texi index be97190d67..4a7d04dc0d 100644 --- a/manual/tunables.texi +++ b/manual/tunables.texi @@ -345,6 +345,16 @@ performance issues of @samp{1}. The default value of this tunable is @samp{2}. @end deftp +@deftp Tunable glibc.rtld.enable_secure +Used to run a program as if it were a setuid process. The only valid value +is @samp{1} as this tunable can only be used to set and not unset +@code{enable_secure}. Setting this tunable to @samp{1} also disables all other +tunables. This tunable is intended to facilitate more extensive verification +tests for @code{AT_SECURE} programs and not meant to be a security feature. + +The default value of this tunable is @samp{0}. +@end deftp + @node Elision Tunables @section Elision Tunables @cindex elision tunables