From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dog.birch.relay.mailchannels.net (dog.birch.relay.mailchannels.net [23.83.209.48]) by sourceware.org (Postfix) with ESMTPS id 032B13858D33 for ; Mon, 20 Nov 2023 22:57:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 032B13858D33 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 032B13858D33 Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=23.83.209.48 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700521056; cv=pass; b=HFZocMbeBy48QhwvsbTgqL9CsVTYJRzNrx+9WSGXRiOAUo2Z8xycHRvFDSnJw7oSayG3CZPfzA+zsJJxy+MR1tYMXwpEYpDRp/f6Z2JHsSgxWQQscacMfwYL05nmKzNTI3KyRaBZaK6gUcWtsOLGY5v+/AjU3ehaH2C9H2KY8zY= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700521056; c=relaxed/simple; bh=nur1laje6ltZn5dOPNvFhPKSNsrW5awpJVNjpuV+vPo=; h=Message-ID:Date:MIME-Version:Subject:To:From; b=lGo8rSLlCSIgMeWnVSdZ8iJvJaKC95pbEb4b4x9GJGn120OYqd9JLa+Vpd3ez9P+NLY6iG9YaZ/9L149lkrCjWPowA6yliqrGq2k4SBu50WdS1IUojSWi/JlJhsP6g7kuzNLcpiitXkU77it7Vr9FXIgK557i/YcoDZ4yJl0lhY= ARC-Authentication-Results: i=2; server2.sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id A865F8275D; Mon, 20 Nov 2023 22:57:33 +0000 (UTC) Received: from pdx1-sub0-mail-a272.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 63BA782710; Mon, 20 Nov 2023 22:57:33 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1700521053; a=rsa-sha256; cv=none; b=NDAYClH+y5wI/gFyIIVSU6mH6NOYxwadIyc0nVbQoeXec1mwOSkzHMDxcCSYwN11lpkyEB WBhalKH7xVYQJhj3IMJ7UeUeQQcSmDCdCWptsflaZixRdjXqTm7evaTBirGYneqfSQzPmW B6mu8DTGvjnP1X+PHWIgfttXBUavfjlQlbw4idsEmDX+/FrCPnnsf2LhdhmASZ9YHLKXgV teB3MoaxcKqWtXeq8AqRYM4uNxgV2bS4DV/tGeNP+KMjODS5+vC1FZVNR6KF9VZkxQKp6W EEEIAtFw6CO+1nrqB2j+FBRMhSHMrhlh6dMTashVK2Ah5YAl9xB9hw/yNsr/Hg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1700521053; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OMJ/Mp+kr6FRmRjft+Bz4cvDCYDGvgTx96N2dkQX8lw=; b=jt/1U0tdEFnlWEH2k+BLm1VSe6BrRnEkG+WtPg3CAU7d1Zu9cRvxwRWm5ET7FjsHhZM3V3 cxyd1XSXDPgu8L/4yJBzNhxcgEjNqnLopJDz7vfWDepfpWt7YqFHj1Msgl1DOV5fHcVTeY RQuTp36tABEMR9aRWW1iCoxKcpihBR4AyUUAcQPw6i+zYIqhZ6Bz/IcL+Ea15Aos/z1qGZ 8ewFhiaK3cN5IfxkYOoyqUVpBKWx+E1fkCWJfmsQ9IHAYUekdKqjDaZYtxDk3PIfCJvxnO klTmVOq8o2zMrlCzn0GGii+nZgRgiy03ek3HQ66iVw7JEv6IBsD1B8LHezhCrg== ARC-Authentication-Results: i=1; rspamd-55bcb54c45-ksbwd; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Hook-Cooperative: 63abffd242562ffc_1700521053530_3787819524 X-MC-Loop-Signature: 1700521053530:3069338986 X-MC-Ingress-Time: 1700521053530 Received: from pdx1-sub0-mail-a272.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.221.9 (trex/6.9.2); Mon, 20 Nov 2023 22:57:33 +0000 Received: from [192.168.2.12] (bras-vprn-toroon4834w-lp130-02-142-113-138-136.dsl.bell.ca [142.113.138.136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a272.dreamhost.com (Postfix) with ESMTPSA id 4SZ2vx0X6Hz87; Mon, 20 Nov 2023 14:57:32 -0800 (PST) Message-ID: Date: Mon, 20 Nov 2023 17:57:27 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3 14/19] elf: Ignore loader debug env vars for setuid Content-Language: en-US To: Adhemerval Zanella , libc-alpha@sourceware.org References: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> <20231106202552.3404059-15-adhemerval.zanella@linaro.org> From: Siddhesh Poyarekar In-Reply-To: <20231106202552.3404059-15-adhemerval.zanella@linaro.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1172.1 required=5.0 tests=BAYES_00,GIT_PATCH_0,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-11-06 15:25, Adhemerval Zanella wrote: > Loader already ignores LD_DEBUG, LD_DEBUG_OUTPUT, and > LD_TRACE_LOADED_OBJECTS. Both LD_WARN and LD_VERBOSE are similar to > LD_DEBUG, in the sense they enable additional checks and debug > information, so it makes sense to disable them. > > Checked on x86_64-linux-gnu. > --- Maybe also put it in unsecvars.h? > elf/rtld.c | 22 ++++++++++++++-------- > elf/tst-env-setuid.c | 2 ++ > 2 files changed, 16 insertions(+), 8 deletions(-) > > diff --git a/elf/rtld.c b/elf/rtld.c > index a09cf2a9df..e7f90d37e7 100644 > --- a/elf/rtld.c > +++ b/elf/rtld.c > @@ -2552,13 +2552,15 @@ process_envvars (struct dl_main_state *state) > { > case 4: > /* Warning level, verbose or not. */ > - if (memcmp (envline, "WARN", 4) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "WARN", 4) == 0) > GLRO(dl_verbose) = envline[5] != '\0'; > break; > > case 5: > /* Debugging of the dynamic linker? */ > - if (memcmp (envline, "DEBUG", 5) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "DEBUG", 5) == 0) > { > process_dl_debug (state, &envline[6]); > break; > @@ -2569,7 +2571,8 @@ process_envvars (struct dl_main_state *state) > > case 7: > /* Print information about versions. */ > - if (memcmp (envline, "VERBOSE", 7) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "VERBOSE", 7) == 0) > { > state->version_info = envline[8] != '\0'; > break; > @@ -2625,7 +2628,8 @@ process_envvars (struct dl_main_state *state) > } > > /* Where to place the profiling data file. */ > - if (memcmp (envline, "DEBUG_OUTPUT", 12) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "DEBUG_OUTPUT", 12) == 0) > { > debug_output = &envline[13]; > break; > @@ -2646,7 +2650,8 @@ process_envvars (struct dl_main_state *state) > > case 20: > /* The mode of the dynamic linker can be set. */ > - if (memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) > + if (!__libc_enable_secure > + && memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0) > { > state->mode = rtld_mode_trace; > state->mode_trace_program > @@ -2668,9 +2673,10 @@ process_envvars (struct dl_main_state *state) > } > while (*nextp != '\0'); > > - GLRO(dl_debug_mask) = 0; > - > - if (state->mode != rtld_mode_normal) > + if (GLRO(dl_debug_mask) != 0 > + || GLRO(dl_verbose) != 0 > + || state->mode != rtld_mode_normal > + || state->version_info) > _exit (5); > } > /* If we have to run the dynamic linker in debugging mode and the > diff --git a/elf/tst-env-setuid.c b/elf/tst-env-setuid.c > index 76b8e1fb45..dcf213a4cd 100644 > --- a/elf/tst-env-setuid.c > +++ b/elf/tst-env-setuid.c > @@ -59,6 +59,8 @@ static const struct envvar_t filtered_envvars[] = > { "MALLOC_TRACE", FILTERED_VALUE }, > { "MALLOC_TRIM_THRESHOLD_", FILTERED_VALUE }, > { "RES_OPTIONS", FILTERED_VALUE }, > + { "LD_DEBUG", "all" }, > + { "LD_DEBUG_OUTPUT", "/tmp/some-file" }, > }; > > static const struct envvar_t unfiltered_envvars[] =