qiurui
/
glibc
mirror of git://sourceware.org/git/glibc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Propagate GLIBC_TUNABLES in setxid binaries 

GLIBC_TUNABLES scrubbing happens earlier than envvar scrubbing and some
tunables are required to propagate past setxid boundary, like their
env_alias.  Rely on tunable scrubbing to clean out GLIBC_TUNABLES like
before, restoring behaviour in glibc 2.37 and earlier.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
This commit is contained in:
Siddhesh Poyarekar 2023-09-19 13:25:40 -04:00
parent 9e4e896f0f
commit 0d5f9ea97f
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sysdeps/generic/unsecvars.h
View File

@ -4,7 +4,6 @@
#define UNSECURE_ENVVARS \ #define UNSECURE_ENVVARS \
"GCONV_PATH\0" \ "GCONV_PATH\0" \
"GETCONF_DIR\0" \ "GETCONF_DIR\0" \
"GLIBC_TUNABLES\0" \
"HOSTALIASES\0" \ "HOSTALIASES\0" \
"LD_AUDIT\0" \ "LD_AUDIT\0" \
"LD_DEBUG\0" \ "LD_DEBUG\0" \