diff options
author | Joe Simmons-Talbott <josimmon@redhat.com> | 2024-02-29 19:55:58 +0000 |
---|---|---|
committer | Joe Talbott <joetalbott@gmail.com> | 2024-02-29 19:55:58 +0000 |
commit | 71648e80042658f23965924616fb7db9c2fccff9 (patch) | |
tree | 6f8e71df3792ff126df2b7c74cef072af8a28df7 /NEWS | |
parent | 9b7091415af47082664717210ac49d51551456ab (diff) | |
download | glibc-71648e80042658f23965924616fb7db9c2fccff9.zip glibc-71648e80042658f23965924616fb7db9c2fccff9.tar.gz glibc-71648e80042658f23965924616fb7db9c2fccff9.tar.bz2 |
rtld: Add glibc.rtld.enable_secure tunable.
Add a tunable for setting __libc_enable_secure to 1. Do not set
__libc_enable_secure to 0 if the tunable is set to 0. Ignore all
tunables if glib.rtld.enable_secure is set. One use-case for this
addition is to enable testing code paths that depend on
__libc_enable_secure being set without the need to use setxid binaries.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -103,6 +103,11 @@ Major new features: exp, expf, exp10, exp10f, exp2, exp2f, expm1, expm1f, log, logf, log10, log10f, log1p, log1pf, log2, log2f, sin, sinf, tan, tanf. +* A new tunable, glibc.rtld.enable_secure, used to run a program + as if it were a setuid process. This is currently a testing tool to allow + more extensive verification tests for AT_SECURE programs and not meant to + be a security feature. + Deprecated and removed features, and other changes affecting compatibility: * The ldconfig program now skips file names containing ';' or ending in |