This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Add LD_PRELOAD_INIT_EARLY [BZ #14379]
- From: Joseph Myers <joseph at codesourcery dot com>
- To: Vincent Whitchurch <vincent dot whitchurch at axis dot com>
- Cc: <libc-alpha at sourceware dot org>, Vincent Whitchurch <rabinv at axis dot com>
- Date: Thu, 14 Feb 2019 17:43:26 +0000
- Subject: Re: [PATCH] Add LD_PRELOAD_INIT_EARLY [BZ #14379]
- References: <20190214170852.30862-1-vincent.whitchurch@axis.com>
This patch is missing a NEWS update to discuss the new feature. (It seems
the manual generally lacks documentation of LD_* variables; if they were
documented, an update there would be needed as well.)
The commit message needs to discuss security issues (that applies to any
proposed change to glibc that makes its behavior depend on some
environment variable, probably we should add that point to the
contribution checklist). What effect does this have in setuid programs?
Is it ignored, by existing or new code? If not ignored, how can you
demonstrate that to be safe in all cases where LD_PRELOAD is handled and
safe for such programs?
(To confirm for anyone else looking at the patch: there is an FSF
copyright assignment on file from Axis Communications, for a list of
projects including glibc, dated 1999-05-28.)
--
Joseph S. Myers
joseph@codesourcery.com