From ed8d5ffd0a14e84298a15ae2ec9b799010166b28 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Thu, 2 Feb 2017 15:48:06 +0530 Subject: Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073) A setxid program that uses a glibc with tunables disabled may pass on GLIBC_TUNABLES as is to its child processes. If the child process ends up using a different glibc that has tunables enabled, it will end up getting access to unsafe tunables. To fix this, remove GLIBC_TUNABLES from the environment for setxid process. * sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES. * elf/tst-env-setuid-tunables.c (test_child_tunables)[!HAVE_TUNABLES]: Verify that GLIBC_TUNABLES is removed in a setgid process. --- elf/tst-env-setuid-tunables.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'elf') diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c index a563f69..a5f0a81 100644 --- a/elf/tst-env-setuid-tunables.c +++ b/elf/tst-env-setuid-tunables.c @@ -36,6 +36,7 @@ test_child_tunables (void) { const char *val = getenv ("GLIBC_TUNABLES"); +#if HAVE_TUNABLES if (val != NULL && strcmp (val, CHILD_VALSTRING_VALUE) == 0) return 0; @@ -43,6 +44,14 @@ test_child_tunables (void) printf ("Unexpected GLIBC_TUNABLES VALUE %s\n", val); return 1; +#else + if (val != NULL) + { + printf ("GLIBC_TUNABLES not cleared\n"); + return 1; + } + return 0; +#endif } static int -- cgit v1.1