diff options
| author |   Andreas K. Hüttel <dilfridge@gentoo.org> | 2023-10-04 21:12:39 +0200 |
|---|---|---|
| committer | Andreas K. Hüttel <dilfridge@gentoo.org> | 2023-10-04 21:12:39 +0200 |
| commit | 24fb5ce5969716045eabc6bd216104c59c94917b (patch) | |
| tree | 70e258af719927080ad031ce8562ac82d235ddc1 | |
| parent | ia64 patch upstreamed (diff) | |
| download | glibc-patches-24fb5ce5969716045eabc6bd216104c59c94917b.tar.gz glibc-patches-24fb5ce5969716045eabc6bd216104c59c94917b.tar.bz2 glibc-patches-24fb5ce5969716045eabc6bd216104c59c94917b.zip | |
Add patch from altlinux that disables tunable parsing on setuid
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
| -rw-r--r-- | 9999/0010-disable-tunables-in-AT_SECURE.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/9999/0010-disable-tunables-in-AT_SECURE.patch b/9999/0010-disable-tunables-in-AT_SECURE.patch new file mode 100644 index 0000000..4307c89 --- /dev/null +++ b/9999/0010-disable-tunables-in-AT_SECURE.patch @@ -0,0 +1,27 @@ +From 5d1686416ab766f3dd0780ab730650c4c0f76ca9 Mon Sep 17 00:00:00 2001 +From: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org> +Date: Wed, 20 Sep 2023 05:00:00 +0000 +Subject: [PATCH] elf/dl-tunables.c: avoid processing of tunables in AT_SECURE executables + +Complements: owl-alt-sanitize-env +--- + elf/dl-tunables.c | 3 +++ + 1 files changed, 3 insertions(+), 0 deletions(-) + +diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c +index 62b7332..e5e9093 100644 +--- a/elf/dl-tunables.c ++++ b/elf/dl-tunables.c +@@ -274,6 +274,9 @@ __tunables_init (char **envp) + size_t len = 0; + char **prev_envp = envp; + ++ if (__glibc_unlikely (__libc_enable_secure)) ++ return; ++ + maybe_enable_malloc_check (); + + while ((envp = get_next_env (envp, &envname, &len, &envval, +-- +1.7.3.3 + |