mirror of
git://sourceware.org/git/glibc.git
synced 2024-11-27 03:41:23 +08:00
Update.
* sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New variable. (__libc_init_secure): Don't do anything if __libc_enable_secure_decided is nonzero. * include/unistd.h: Declare __libc_enable_secure_decided. * elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID, and AT_EGID. If all found, set __libc_enable_secure and __libc_enable_secure_decided.
This commit is contained in:
parent
9946f75ad4
commit
be4d80380a
@ -1,5 +1,14 @@
|
||||
2003-05-05 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
* sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New
|
||||
variable.
|
||||
(__libc_init_secure): Don't do anything if __libc_enable_secure_decided
|
||||
is nonzero.
|
||||
* include/unistd.h: Declare __libc_enable_secure_decided.
|
||||
* elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID,
|
||||
and AT_EGID. If all found, set __libc_enable_secure and
|
||||
__libc_enable_secure_decided.
|
||||
|
||||
* sysdeps/generic/libc-start.c [!SHARED]: Call
|
||||
__libc_check_standard_fds after __libc_init_first.
|
||||
|
||||
|
@ -148,6 +148,10 @@ void
|
||||
internal_function
|
||||
_dl_aux_init (ElfW(auxv_t) *av)
|
||||
{
|
||||
int seen = 0;
|
||||
uid_t uid = 0;
|
||||
gid_t gid = 0;
|
||||
|
||||
for (; av->a_type != AT_NULL; ++av)
|
||||
switch (av->a_type)
|
||||
{
|
||||
@ -168,6 +172,27 @@ _dl_aux_init (ElfW(auxv_t) *av)
|
||||
GL(dl_sysinfo) = av->a_un.a_val;
|
||||
break;
|
||||
#endif
|
||||
case AT_UID:
|
||||
uid ^= av->a_un.a_val;
|
||||
seen |= 1;
|
||||
break;
|
||||
case AT_EUID:
|
||||
uid ^= av->a_un.a_val;
|
||||
seen |= 2;
|
||||
break;
|
||||
case AT_GID:
|
||||
gid ^= av->a_un.a_val;
|
||||
seen |= 4;
|
||||
break;
|
||||
case AT_EGID:
|
||||
gid ^= av->a_un.a_val;
|
||||
seen |= 8;
|
||||
break;
|
||||
}
|
||||
if (seen == 0xf)
|
||||
{
|
||||
__libc_enable_secure = uid != 0 || gid != 0;
|
||||
__libc_enable_secure_decided = 1;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
@ -140,6 +140,7 @@ libc_hidden_proto (__sbrk)
|
||||
and some functions contained in the C library ignore various
|
||||
environment variables that normally affect them. */
|
||||
extern int __libc_enable_secure;
|
||||
extern int __libc_enable_secure_decided;
|
||||
#ifdef IS_IN_rtld
|
||||
/* XXX The #ifdef should go. */
|
||||
extern int __libc_enable_secure_internal attribute_hidden;
|
||||
|
@ -1,3 +1,8 @@
|
||||
2003-05-05 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
* sysdeps/i386/tls.h (TLS_DO_SET_THREAD_AREA): Add \n to error
|
||||
messages.
|
||||
|
||||
2003-05-04 Roland McGrath <roland@redhat.com>
|
||||
|
||||
* Makefile ($(objpfx)../libc.so): New target.
|
||||
|
@ -1,3 +1,7 @@
|
||||
2003-05-05 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
* sysdeps/i386/tls.h (TLS_INIT_TP): Include \n in error message.
|
||||
|
||||
2003-05-04 Roland McGrath <roland@redhat.com>
|
||||
|
||||
* Makefile ($(objpfx)../libc.so): New target.
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* Define and initialize the `__libc_enable_secure' flag. Generic version.
|
||||
Copyright (C) 1996, 1997, 1998, 2000 Free Software Foundation, Inc.
|
||||
Copyright (C) 1996, 1997, 1998, 2000, 2003 Free Software Foundation, Inc.
|
||||
This file is part of the GNU C Library.
|
||||
|
||||
The GNU C Library is free software; you can redistribute it and/or
|
||||
@ -23,12 +23,15 @@
|
||||
#include <unistd.h>
|
||||
#include <libc-internal.h>
|
||||
|
||||
/* If nonzero __libc_enable_secure is already set. */
|
||||
int __libc_enable_secure_decided;
|
||||
/* Safest assumption, if somehow the initializer isn't run. */
|
||||
int __libc_enable_secure = 1;
|
||||
|
||||
void
|
||||
__libc_init_secure (void)
|
||||
{
|
||||
if (__libc_enable_secure_decided == 0)
|
||||
__libc_enable_secure = (__geteuid () != __getuid ()
|
||||
|| __getegid () != __getgid ());
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user