glibc/sysdeps/generic/unsecvars.h
Ulrich Drepper 00a121627c Update.
2004-12-01  Jakub Jelinek  <jakub@redhat.com>

	* elf/rtld.c (process_envvars): Don't consider LD_SHOW_AUXV
	and LD_DYNAMIC_WEAK if __libc_enable_secure.
	If __libc_enable_secure, /etc/suid-debug doesn't exist and
	program will be actually run, turn off all debugging.
	* sysdeps/generic/unsecvars.h (UNSECURE_ENVVARS): Add LD_DEBUG,
	LD_DYNAMIC_WEAK and LD_SHOW_AUXV.
2004-12-07 06:55:06 +00:00

25 lines
835 B
C

/* Environment variable to be removed for SUID programs. The names are
all stuffed in a single string which means they have to be terminated
with a '\0' explicitly. */
#define UNSECURE_ENVVARS \
"LD_PRELOAD\0" \
"LD_LIBRARY_PATH\0" \
"LD_ORIGIN_PATH\0" \
"LD_DEBUG\0" \
"LD_DEBUG_OUTPUT\0" \
"LD_PROFILE\0" \
"LD_USE_LOAD_BIAS\0" \
"LD_DYNAMIC_WEAK\0" \
"LD_SHOW_AUXV\0" \
"GCONV_PATH\0" \
"GETCONF_DIR\0" \
"HOSTALIASES\0" \
"LOCALDOMAIN\0" \
"LOCPATH\0" \
"MALLOC_TRACE\0" \
"NLSPATH\0" \
"RESOLV_HOST_CONF\0" \
"RES_OPTIONS\0" \
"TMPDIR\0" \
"TZDIR\0"