From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from purple.birch.relay.mailchannels.net (purple.birch.relay.mailchannels.net [23.83.209.150]) by sourceware.org (Postfix) with ESMTPS id E5AB43858D33 for ; Mon, 20 Nov 2023 22:59:54 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E5AB43858D33 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org E5AB43858D33 Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=23.83.209.150 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700521196; cv=pass; b=I9PDPJrSaqfgd5dUPWGFFmYSqaib9tTDlp1VV2nKc8BywqFRZchSEAuRMeIi5fOCXc9ZXarli6VC0kKs/Yh45fijG3zb/rUTuLv+FaJNRcuMq3sgrb3FxpoGrAslpiw8lguAuu8TMJNE522+rCPm1moJ7g4HO5h0ZRn7PdzEWjA= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700521196; c=relaxed/simple; bh=TxaYqx1k1Sfqli5W9IV3tQJ0Ejv5cJOKzRsX9DbFKMs=; h=Message-ID:Date:MIME-Version:Subject:To:From; b=D6AQESJgviqOP5SNZwRMEMuIN5NiZu5y261bNNAr98jqvEZ35/C2JiB3IDjuwN/HLTFWBraMOsLUCYd5fbGy5IyqAYPEGkhakpYGcgFQ0uWW58jQjYAZUm5E/xWLX4lp6hmF0iAL5UTl4oy+j2TrUKh244/LFytBREYQzuZJbGs= ARC-Authentication-Results: i=2; server2.sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id DCE467A14C9; Mon, 20 Nov 2023 22:59:53 +0000 (UTC) Received: from pdx1-sub0-mail-a272.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 9D58C7A0819; Mon, 20 Nov 2023 22:59:53 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1700521193; a=rsa-sha256; cv=none; b=DrjWK6qZt/kRqJ7C+NG7ep2EwVLSs9ft3F+69h+eDLjjSkjpJcMyCPu+grQ4v78R451tqs vtSIAC7pOfkbCnl8oEqlkjuM/CfY0+Ay0guOgLyCg4Z6N0JNv9u2ZsLHMQOvBI5tdK129z Fkf/9MBZ6/+Tjg3R7HuxxN14xS2tOr9wYyePDjksFwbyZn6LClGR21GF0tpkFzsMAYZLOM Q2GwIF06O6tmCvl0f9vQNiir+QSZRmE+7k34ClH3JC5BWlVSNuyrSzbnExkPv0cYJWAjgl CIbVARxDBR4Pb8lNLvavJbMpFSt2TidpV03eukZjbw3b0IZ5RVtm8Mn55FJpGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1700521193; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0wdlFYJumLogxfDwwksYLO+labpB+/k2lCfrMqpoPgw=; b=HUPCz+wSORPRbPCWmQp65xZOT89LqrM8JrVahTYL7TvvpGn+mtzvrWV5I8sG33NWylI+02 1Ve3KnjCqy46J6nDUvEWNxQQ8G3z4Kiz+jD0Zu+mDjC/++6Z+CAclHpth6UlgEVGQaat3V TozRCeuadkQj9m/lobhBkJYGnayrnVaUbPdUpuEPwMLZr6XlLLhPG1NAP/JfjDA3BDY9ks +P5Pp269nZBIZiPnk+NMa9yzdAzEL9Y7fK5D24oBiqeJP0mEgzOMaZBLp1CKeF70wkZ+lL SRuEqRiOKaGzcWbLpgM5MoF7Xbc22wwc0PHIG8bYNvlFkxNLahr+ghHcDJNurg== ARC-Authentication-Results: i=1; rspamd-7f8878586f-44gm6; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Industry-Duck: 1102b92b5dc40388_1700521193752_1373824491 X-MC-Loop-Signature: 1700521193752:2163903590 X-MC-Ingress-Time: 1700521193752 Received: from pdx1-sub0-mail-a272.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.119.176.6 (trex/6.9.2); Mon, 20 Nov 2023 22:59:53 +0000 Received: from [192.168.2.12] (bras-vprn-toroon4834w-lp130-02-142-113-138-136.dsl.bell.ca [142.113.138.136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a272.dreamhost.com (Postfix) with ESMTPSA id 4SZ2yd2L2fz6n; Mon, 20 Nov 2023 14:59:53 -0800 (PST) Message-ID: <8604ba2e-9cc6-4adf-8b2b-6a5aa4ebde7a@sourceware.org> Date: Mon, 20 Nov 2023 17:59:53 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3 16/19] elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static Content-Language: en-US To: Adhemerval Zanella , libc-alpha@sourceware.org References: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> <20231106202552.3404059-17-adhemerval.zanella@linaro.org> From: Siddhesh Poyarekar In-Reply-To: <20231106202552.3404059-17-adhemerval.zanella@linaro.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1172.2 required=5.0 tests=BAYES_00,GIT_PATCH_0,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-11-06 15:25, Adhemerval Zanella wrote: > It mimics the ld.so behavior. > > Checked on x86_64-linux-gnu. > --- Reviewed-by: Siddhesh Poyarekar > elf/dl-support.c | 32 ++++++++++++++++---------------- > 1 file changed, 16 insertions(+), 16 deletions(-) > > diff --git a/elf/dl-support.c b/elf/dl-support.c > index 31a608df87..837fa1c836 100644 > --- a/elf/dl-support.c > +++ b/elf/dl-support.c > @@ -272,8 +272,6 @@ _dl_non_dynamic_init (void) > _dl_main_map.l_phdr = GL(dl_phdr); > _dl_main_map.l_phnum = GL(dl_phnum); > > - _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; > - > /* Set up the data structures for the system-supplied DSO early, > so they can influence _dl_init_paths. */ > setup_vdso (NULL, NULL); > @@ -281,6 +279,22 @@ _dl_non_dynamic_init (void) > /* With vDSO setup we can initialize the function pointers. */ > setup_vdso_pointers (); > > + if (__libc_enable_secure) > + { > + static const char unsecure_envvars[] = > + UNSECURE_ENVVARS > + ; > + const char *cp = unsecure_envvars; > + > + while (cp < unsecure_envvars + sizeof (unsecure_envvars)) > + { > + __unsetenv (cp); > + cp = strchr (cp, '\0') + 1; > + } > + } > + > + _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; > + > /* Initialize the data structures for the search paths for shared > objects. */ > _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH", > @@ -297,20 +311,6 @@ _dl_non_dynamic_init (void) > > _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0'; > > - if (__libc_enable_secure) > - { > - static const char unsecure_envvars[] = > - UNSECURE_ENVVARS > - ; > - const char *cp = unsecure_envvars; > - > - while (cp < unsecure_envvars + sizeof (unsecure_envvars)) > - { > - __unsetenv (cp); > - cp = strchr (cp, '\0') + 1; > - } > - } > - > #ifdef DL_PLATFORM_INIT > DL_PLATFORM_INIT; > #endif