This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH][2.24] Drop GLIBC_TUNABLES in setxid processes

From: Siddhesh Poyarekar <siddhesh at sourceware dot org>
To: libc-alpha at sourceware dot org
Cc: fweimer at redhat dot com
Date: Sun, 29 Jan 2017 23:41:59 +0530
Subject: [PATCH][2.24] Drop GLIBC_TUNABLES in setxid processes
Authentication-results: sourceware.org; auth=none

Drop the GLIBC_TUNABLES environment variable from the environment of
setxid processes to avoid passing it on to non-setxid children.  This
prevents potentially insecure tunables in the GLIBC_TUNABLES envvar
from crossing over into a child that may use a libc that has tunables
support.

Tested on x86_64.  If this has an ack, I'll backport it to 2.23
and 2.22.  Distro maintainers please feel free to backport it further
down if needed.

Siddhesh

	* sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
---
 sysdeps/generic/unsecvars.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h
index d5b8119..3e56538 100644
--- a/sysdeps/generic/unsecvars.h
+++ b/sysdeps/generic/unsecvars.h
@@ -4,6 +4,7 @@
 #define UNSECURE_ENVVARS \
   "GCONV_PATH\0"							      \
   "GETCONF_DIR\0"							      \
+  "GLIBC_TUNABLES\0"							      \
   "HOSTALIASES\0"							      \
   "LD_AUDIT\0"								      \
   "LD_DEBUG\0"								      \
-- 
2.7.4

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]