]>
Commit | Line | Data |
---|---|---|
1 | --- glibc/elf/rtld.c | |
2 | +++ glibc/elf/rtld.c | |
3 | @@ -2641,6 +2641,24 @@ process_envvars (enum mode *modep) | |
4 | GLRO(dl_debug_mask) = 0; | |
5 | } | |
6 | ||
7 | + if (__builtin_expect(GLRO(dl_lazy), 1)) { | |
8 | + /* disable lazy bindings for SUID binaries. | |
9 | + * All this funky code is so people can disable this behavior for | |
10 | + * certain [broken] binaries (like Xorg). Once Xorg gets fixed, | |
11 | + * we can reduce all of this to one file (like above with suid-debug). | |
12 | + */ | |
13 | +#define _SUID_BIND_PATH "/etc/suid-bind-now/" | |
14 | + char _bind_now_check[100] = _SUID_BIND_PATH; | |
15 | + if (rtld_progname) { | |
16 | + size_t proglen = strlen(rtld_progname); | |
17 | + if (proglen + sizeof(_SUID_BIND_PATH) < sizeof(_bind_now_check)) | |
18 | + /* include the null byte in the copy */ | |
19 | + memcpy(_bind_now_check + sizeof(_SUID_BIND_PATH), rtld_progname, proglen+1); | |
20 | + } | |
21 | + if (!rtld_progname || __access(_bind_now_check, F_OK) != 0) | |
22 | + GLRO(dl_lazy) = 0; | |
23 | + } | |
24 | + | |
25 | if (mode != normal) | |
26 | _exit (5); | |
27 | } |