elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static

It mimics the ld.so behavior. Checked on x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-11-21 20:40:05 +00:00 · 2023-11-06 17:25:49 -03:00 · 2023-11-06 17:25:49 -03:00 · 5451fa962c
commit 5451fa962c
parent a0f9bfc3a5
1 changed files with 16 additions and 16 deletions
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@ -272,8 +272,6 @@ _dl_non_dynamic_init (void)
  _dl_main_map.l_phdr = GL(dl_phdr);
  _dl_main_map.l_phnum = GL(dl_phnum);

-  _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
-
  /* Set up the data structures for the system-supplied DSO early,
     so they can influence _dl_init_paths.  */
  setup_vdso (NULL, NULL);
@ -281,6 +279,22 @@ _dl_non_dynamic_init (void)
  /* With vDSO setup we can initialize the function pointers.  */
  setup_vdso_pointers ();

+  if (__libc_enable_secure)
+    {
+      static const char unsecure_envvars[] =
+	UNSECURE_ENVVARS
+	;
+      const char *cp = unsecure_envvars;
+
+      while (cp < unsecure_envvars + sizeof (unsecure_envvars))
+	{
+	  __unsetenv (cp);
+	  cp = strchr (cp, '\0') + 1;
+	}
+    }
+
+  _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
+
  /* Initialize the data structures for the search paths for shared
     objects.  */
  _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
@ -297,20 +311,6 @@ _dl_non_dynamic_init (void)

  _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';

-  if (__libc_enable_secure)
-    {
-      static const char unsecure_envvars[] =
-	UNSECURE_ENVVARS
-	;
-      const char *cp = unsecure_envvars;
-
-      while (cp < unsecure_envvars + sizeof (unsecure_envvars))
-	{
-	  __unsetenv (cp);
-	  cp = strchr (cp, '\0') + 1;
-	}
-    }
-
 #ifdef DL_PLATFORM_INIT
  DL_PLATFORM_INIT;
 #endif