diff options
author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2023-11-06 17:25:50 -0300 |
---|---|---|
committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2023-11-21 16:15:42 -0300 |
commit | 780c33920281c5d5cc42a1e578bdc9218e675405 (patch) | |
tree | 0c9a2092030fee5b8d2510e655da69a2a7588494 | |
parent | 5451fa962cd0a90a0e2ec1d8910a559ace02bba0 (diff) | |
download | glibc-780c33920281c5d5cc42a1e578bdc9218e675405.zip glibc-780c33920281c5d5cc42a1e578bdc9218e675405.tar.gz glibc-780c33920281c5d5cc42a1e578bdc9218e675405.tar.bz2 |
elf: Add comments on how LD_AUDIT and LD_PRELOAD handle __libc_enable_secure
To make explicit why __libc_enable_secure is not checked.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-rw-r--r-- | elf/rtld.c | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -2561,6 +2561,10 @@ process_envvars (struct dl_main_state *state) process_dl_debug (state, &envline[6]); break; } + /* For __libc_enable_secure mode, audit pathnames containing slashes + are ignored. Also, shared audit objects are only loaded only from + the standard search directories and only if they have set-user-ID + mode bit enabled. */ if (memcmp (envline, "AUDIT", 5) == 0) audit_list_add_string (&state->audit_list, &envline[6]); break; @@ -2573,7 +2577,10 @@ process_envvars (struct dl_main_state *state) break; } - /* List of objects to be preloaded. */ + /* For __libc_enable_secure mode, preload pathnames containing slashes + are ignored. Also, shared objects are only preloaded from the + standard search directories and only if they have set-user-ID mode + bit enabled. */ if (memcmp (envline, "PRELOAD", 7) == 0) { state->preloadlist = &envline[8]; |