forked from rpms/glibc
87 lines
2.7 KiB
Diff
87 lines
2.7 KiB
Diff
commit 5451fa962cd0a90a0e2ec1d8910a559ace02bba0
|
|
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Date: Mon Nov 6 17:25:49 2023 -0300
|
|
|
|
elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
|
|
|
|
It mimics the ld.so behavior.
|
|
|
|
Checked on x86_64-linux-gnu.
|
|
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
|
|
|
|
Conflicts:
|
|
elf/dl-support.c
|
|
(downstream still uses HAVE_TUNABLES, does not yet
|
|
call setup_vdso_pointers, still supports
|
|
EXTRA_UNSECURE_ENVVARS)
|
|
|
|
diff --git a/elf/dl-support.c b/elf/dl-support.c
|
|
index e9943e889ef447ad..008fd90cb43c8803 100644
|
|
--- a/elf/dl-support.c
|
|
+++ b/elf/dl-support.c
|
|
@@ -314,33 +314,10 @@ _dl_non_dynamic_init (void)
|
|
_dl_main_map.l_phdr = GL(dl_phdr);
|
|
_dl_main_map.l_phnum = GL(dl_phnum);
|
|
|
|
- _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
|
|
-
|
|
/* Set up the data structures for the system-supplied DSO early,
|
|
so they can influence _dl_init_paths. */
|
|
setup_vdso (NULL, NULL);
|
|
|
|
- /* Initialize the data structures for the search paths for shared
|
|
- objects. */
|
|
- _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
|
|
- /* No glibc-hwcaps selection support in statically
|
|
- linked binaries. */
|
|
- NULL, NULL);
|
|
-
|
|
- /* Remember the last search directory added at startup. */
|
|
- _dl_init_all_dirs = GL(dl_all_dirs);
|
|
-
|
|
- _dl_lazy = *(getenv ("LD_BIND_NOW") ?: "") == '\0';
|
|
-
|
|
- _dl_bind_not = *(getenv ("LD_BIND_NOT") ?: "") != '\0';
|
|
-
|
|
- _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
|
|
-
|
|
- _dl_profile_output = getenv ("LD_PROFILE_OUTPUT");
|
|
- if (_dl_profile_output == NULL || _dl_profile_output[0] == '\0')
|
|
- _dl_profile_output
|
|
- = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0];
|
|
-
|
|
if (__libc_enable_secure)
|
|
{
|
|
static const char unsecure_envvars[] =
|
|
@@ -363,6 +340,30 @@ _dl_non_dynamic_init (void)
|
|
#endif
|
|
}
|
|
|
|
+ _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
|
|
+
|
|
+ /* Initialize the data structures for the search paths for shared
|
|
+ objects. */
|
|
+ _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
|
|
+ /* No glibc-hwcaps selection support in statically
|
|
+ linked binaries. */
|
|
+ NULL, NULL);
|
|
+
|
|
+ /* Remember the last search directory added at startup. */
|
|
+ _dl_init_all_dirs = GL(dl_all_dirs);
|
|
+
|
|
+ _dl_lazy = *(getenv ("LD_BIND_NOW") ?: "") == '\0';
|
|
+
|
|
+ _dl_bind_not = *(getenv ("LD_BIND_NOT") ?: "") != '\0';
|
|
+
|
|
+ _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
|
|
+
|
|
+ _dl_profile_output = getenv ("LD_PROFILE_OUTPUT");
|
|
+ if (_dl_profile_output == NULL || _dl_profile_output[0] == '\0')
|
|
+ _dl_profile_output
|
|
+ = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0];
|
|
+
|
|
+
|
|
#ifdef DL_PLATFORM_INIT
|
|
DL_PLATFORM_INIT;
|
|
#endif
|