From a014cecd82b71b70a6a843e250e06b541ad524f7 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 15 Oct 2015 09:23:07 +0200 Subject: Always enable pointer guard [BZ #18928] Honoring the LD_POINTER_GUARD environment variable in AT_SECURE mode has security implications. This commit enables pointer guard unconditionally, and the environment variable is now ignored. [BZ #18928] * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove _dl_pointer_guard member. * elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard initializer. (security_init): Always set up pointer guard. (process_envvars): Do not process LD_POINTER_GUARD. --- NEWS | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index d4e8b4a..0491a27 100644 --- a/NEWS +++ b/NEWS @@ -16,11 +16,14 @@ Version 2.23 18265, 18370, 18421, 18480, 18525, 18595, 18589, 18610, 18618, 18647, 18661, 18674, 18675, 18681, 18724, 18757, 18778, 18781, 18787, 18789, 18790, 18795, 18796, 18803, 18820, 18823, 18824, 18825, 18857, 18863, - 18870, 18872, 18873, 18875, 18887, 18921, 18951, 18952, 18956, 18961, - 18966, 18967, 18969, 18970, 18977, 18980, 18981, 18985, 19003, 19007, - 19012, 19016, 19018, 19032, 19046, 19049, 19050, 19059, 19071, 19074, - 19076, 19077, 19078, 19079, 19085, 19086, 19088, 19094, 19095, 19124, - 19125, 19129, 19134 + 18870, 18872, 18873, 18875, 18887, 18921, 18928, 18951, 18952, 18956, + 18961, 18966, 18967, 18969, 18970, 18977, 18980, 18981, 18985, 19003, + 19007, 19012, 19016, 19018, 19032, 19046, 19049, 19050, 19059, 19071, + 19074, 19076, 19077, 19078, 19079, 19085, 19086, 19088, 19094, 19095, + 19124, 19125, 19129, 19134 + +* The LD_POINTER_GUARD environment variable can no longer be used to + disable the pointer guard feature. It is always enabled. * The obsolete header has been removed. Programs that require this header must be updated to use instead. -- cgit v1.1