aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAdhemerval Zanella <adhemerval.zanella@linaro.org>2023-11-06 17:25:50 -0300
committerAdhemerval Zanella <adhemerval.zanella@linaro.org>2023-11-21 16:15:42 -0300
commit780c33920281c5d5cc42a1e578bdc9218e675405 (patch)
tree0c9a2092030fee5b8d2510e655da69a2a7588494
parent5451fa962cd0a90a0e2ec1d8910a559ace02bba0 (diff)
downloadglibc-780c33920281c5d5cc42a1e578bdc9218e675405.zip
glibc-780c33920281c5d5cc42a1e578bdc9218e675405.tar.gz
glibc-780c33920281c5d5cc42a1e578bdc9218e675405.tar.bz2
elf: Add comments on how LD_AUDIT and LD_PRELOAD handle __libc_enable_secure
To make explicit why __libc_enable_secure is not checked. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-rw-r--r--elf/rtld.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/elf/rtld.c b/elf/rtld.c
index 7d4c843..0553c05 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2561,6 +2561,10 @@ process_envvars (struct dl_main_state *state)
process_dl_debug (state, &envline[6]);
break;
}
+ /* For __libc_enable_secure mode, audit pathnames containing slashes
+ are ignored. Also, shared audit objects are only loaded only from
+ the standard search directories and only if they have set-user-ID
+ mode bit enabled. */
if (memcmp (envline, "AUDIT", 5) == 0)
audit_list_add_string (&state->audit_list, &envline[6]);
break;
@@ -2573,7 +2577,10 @@ process_envvars (struct dl_main_state *state)
break;
}
- /* List of objects to be preloaded. */
+ /* For __libc_enable_secure mode, preload pathnames containing slashes
+ are ignored. Also, shared objects are only preloaded from the
+ standard search directories and only if they have set-user-ID mode
+ bit enabled. */
if (memcmp (envline, "PRELOAD", 7) == 0)
{
state->preloadlist = &envline[8];