authorAndreas K. Hüttel <dilfridge@gentoo.org>2023-10-04 21:12:39 +0200
committerAndreas K. Hüttel <dilfridge@gentoo.org>2023-10-04 21:12:39 +0200
commit24fb5ce5969716045eabc6bd216104c59c94917b (patch)
tree70e258af719927080ad031ce8562ac82d235ddc1
parentia64 patch upstreamed (diff)
Add patch from altlinux that disables tunable parsing on setuid
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
-rw-r--r--9999/0010-disable-tunables-in-AT_SECURE.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/9999/0010-disable-tunables-in-AT_SECURE.patch b/9999/0010-disable-tunables-in-AT_SECURE.patch
new file mode 100644
index 0000000..4307c89
--- /dev/null
+++ b/9999/0010-disable-tunables-in-AT_SECURE.patch
@@ -0,0 +1,27 @@
+From 5d1686416ab766f3dd0780ab730650c4c0f76ca9 Mon Sep 17 00:00:00 2001
+From: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
+Date: Wed, 20 Sep 2023 05:00:00 +0000
+Subject: [PATCH] elf/dl-tunables.c: avoid processing of tunables in AT_SECURE executables
+
+Complements: owl-alt-sanitize-env
+---
+ elf/dl-tunables.c | 3 +++
+ 1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
+index 62b7332..e5e9093 100644
+--- a/elf/dl-tunables.c
++++ b/elf/dl-tunables.c
+@@ -274,6 +274,9 @@ __tunables_init (char **envp)
+ size_t len = 0;
+ char **prev_envp = envp;
+
++ if (__glibc_unlikely (__libc_enable_secure))
++ return;
++
+ maybe_enable_malloc_check ();
+
+ while ((envp = get_next_env (envp, &envname, &len, &envval,
+--
+1.7.3.3
+
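Review bot: The early return added in `__tunables_init` sits above `maybe_enable_malloc_check ()`, so for AT_SECURE processes that call is skipped along with the `get_next_env` loop, and nothing in the patch says whether that is intended. A short comment above the check would record the reason, e.g. `/* AT_SECURE: the environment is untrusted, so do no tunable processing at all, including the malloc-check setup below.  */`. Because the loop is the only code visible here that walks `envp`, the tunables variable presumably stays in the environment and is inherited by child processes unless another patch strips it; the header's `Complements: owl-alt-sanitize-env` suggests that is handled elsewhere, which is worth confirming for this patch set. The body of `__tunables_init` starts and ends outside the hunk, so this is based on the visible lines only.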