AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-01-05 09:01:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073)

Browse Source 
A setxid program that uses a glibc with tunables disabled may pass on
GLIBC_TUNABLES as is to its child processes.  If the child process
ends up using a different glibc that has tunables enabled, it will end
up getting access to unsafe tunables.  To fix this, remove
GLIBC_TUNABLES from the environment for setxid process.

	* sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
	* elf/tst-env-setuid-tunables.c
	(test_child_tunables)[!HAVE_TUNABLES]: Verify that
	GLIBC_TUNABLES is removed in a setgid process.
This commit is contained in:
Siddhesh Poyarekar 2017-02-02 15:48:06 +05:30
parent 8b9e9c3c0b
commit ed8d5ffd0a
3 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,5 +1,10 @@
2017-02-02 Siddhesh Poyarekar <siddhesh@sourceware.org> 2017-02-02 Siddhesh Poyarekar <siddhesh@sourceware.org>
* sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
* elf/tst-env-setuid-tunables.c
(test_child_tunables)[!HAVE_TUNABLES]: Verify that
GLIBC_TUNABLES is removed in a setgid process.
[BZ #21073] [BZ #21073]
* elf/dl-tunable-types.h (tunable_seclevel_t): New enum. * elf/dl-tunable-types.h (tunable_seclevel_t): New enum.
* elf/dl-tunables.c (tunables_strdup): Remove. * elf/dl-tunables.c (tunables_strdup): Remove.

9
elf/tst-env-setuid-tunables.c
View File

@ -36,6 +36,7 @@ test_child_tunables (void)
{ {
const char *val = getenv ("GLIBC_TUNABLES"); const char *val = getenv ("GLIBC_TUNABLES");
#if HAVE_TUNABLES
if (val != NULL && strcmp (val, CHILD_VALSTRING_VALUE) == 0) if (val != NULL && strcmp (val, CHILD_VALSTRING_VALUE) == 0)
return 0; return 0;
@ -43,6 +44,14 @@ test_child_tunables (void)
printf ("Unexpected GLIBC_TUNABLES VALUE %s\n", val); printf ("Unexpected GLIBC_TUNABLES VALUE %s\n", val);
return 1; return 1;
#else
if (val != NULL)
{
printf ("GLIBC_TUNABLES not cleared\n");
return 1;
}
return 0;
#endif
} }
static int static int

7
sysdeps/generic/unsecvars.h
View File

@ -1,9 +1,16 @@
#if !HAVE_TUNABLES
# define GLIBC_TUNABLES_ENVVAR "GLIBC_TUNABLES\0"
#else
# define GLIBC_TUNABLES_ENVVAR
#endif
/* Environment variable to be removed for SUID programs. The names are /* Environment variable to be removed for SUID programs. The names are
all stuffed in a single string which means they have to be terminated all stuffed in a single string which means they have to be terminated
with a '\0' explicitly. */ with a '\0' explicitly. */
#define UNSECURE_ENVVARS \ #define UNSECURE_ENVVARS \
"GCONV_PATH\0" \ "GCONV_PATH\0" \
"GETCONF_DIR\0" \ "GETCONF_DIR\0" \
GLIBC_TUNABLES_ENVVAR \
"HOSTALIASES\0" \ "HOSTALIASES\0" \
"LD_AUDIT\0" \ "LD_AUDIT\0" \
"LD_DEBUG\0" \ "LD_DEBUG\0" \