Skip to content
Commit ed8d5ffd authored by Siddhesh Poyarekar's avatar Siddhesh Poyarekar
Browse files

Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073) 

A setxid program that uses a glibc with tunables disabled may pass on
GLIBC_TUNABLES as is to its child processes.  If the child process
ends up using a different glibc that has tunables enabled, it will end
up getting access to unsafe tunables.  To fix this, remove
GLIBC_TUNABLES from the environment for setxid process.

	* sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
	* elf/tst-env-setuid-tunables.c
	(test_child_tunables)[!HAVE_TUNABLES]: Verify that
	GLIBC_TUNABLES is removed in a setgid process.
parent 8b9e9c3c
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment