Juergen Daubert
53ce63301e
To avoid an unclean unmount of "/" on next shutdown, reload the init process after the glibc update. Either run the included post-install script or use the following command: /sbin/telinit U
27 lines
771 B
Diff
27 lines
771 B
Diff
# http://sourceware.org/ml/libc-hacker/2010-12/msg00001.html
|
|
# new fix for http://seclists.org/fulldisclosure/2010/Oct/257
|
|
|
|
2010-12-09 Andreas Schwab <schwab@redhat.com>
|
|
|
|
* elf/dl-object.c (_dl_new_object): Ignore origin of privileged
|
|
program.
|
|
---
|
|
elf/dl-object.c | 3 +++
|
|
1 files changed, 3 insertions(+), 0 deletions(-)
|
|
|
|
diff --git a/elf/dl-object.c b/elf/dl-object.c
|
|
index 5d15ce1..a34e902 100644
|
|
--- a/elf/dl-object.c
|
|
+++ b/elf/dl-object.c
|
|
@@ -220,6 +220,9 @@ _dl_new_object (char *realname, const char *libname, int type,
|
|
out:
|
|
new->l_origin = origin;
|
|
}
|
|
+ else if (INTUSE(__libc_enable_secure) && type == lt_executable)
|
|
+ /* The origin of a privileged program cannot be trusted. */
|
|
+ new->l_origin = (char *) -1;
|
|
|
|
return new;
|
|
}
|
|
|