[PATCH][2.24] Drop GLIBC_TUNABLES in setxid processes

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH][2.24] Drop GLIBC_TUNABLES in setxid processes

Siddhesh Poyarekar-9
Drop the GLIBC_TUNABLES environment variable from the environment of
setxid processes to avoid passing it on to non-setxid children.  This
prevents potentially insecure tunables in the GLIBC_TUNABLES envvar
from crossing over into a child that may use a libc that has tunables
support.

Tested on x86_64.  If this has an ack, I'll backport it to 2.23
and 2.22.  Distro maintainers please feel free to backport it further
down if needed.

Siddhesh

        * sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
---
 sysdeps/generic/unsecvars.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h
index d5b8119..3e56538 100644
--- a/sysdeps/generic/unsecvars.h
+++ b/sysdeps/generic/unsecvars.h
@@ -4,6 +4,7 @@
 #define UNSECURE_ENVVARS \
   "GCONV_PATH\0"      \
   "GETCONF_DIR\0"      \
+  "GLIBC_TUNABLES\0"      \
   "HOSTALIASES\0"      \
   "LD_AUDIT\0"      \
   "LD_DEBUG\0"      \
--
2.7.4

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH][2.24] Drop GLIBC_TUNABLES in setxid processes

Siddhesh Poyarekar-8
I've pushed this because it is now essentially just a backport of 2/2 of
the tunables environment variable fixes.

Siddhesh

On Sunday 29 January 2017 11:41 PM, Siddhesh Poyarekar wrote:

> Drop the GLIBC_TUNABLES environment variable from the environment of
> setxid processes to avoid passing it on to non-setxid children.  This
> prevents potentially insecure tunables in the GLIBC_TUNABLES envvar
> from crossing over into a child that may use a libc that has tunables
> support.
>
> Tested on x86_64.  If this has an ack, I'll backport it to 2.23
> and 2.22.  Distro maintainers please feel free to backport it further
> down if needed.
>
> Siddhesh
>
> * sysdeps/generic/unsecvars.h: Add GLIBC_TUNABLES.
> ---
>  sysdeps/generic/unsecvars.h | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h
> index d5b8119..3e56538 100644
> --- a/sysdeps/generic/unsecvars.h
> +++ b/sysdeps/generic/unsecvars.h
> @@ -4,6 +4,7 @@
>  #define UNSECURE_ENVVARS \
>    "GCONV_PATH\0"      \
>    "GETCONF_DIR\0"      \
> +  "GLIBC_TUNABLES\0"      \
>    "HOSTALIASES\0"      \
>    "LD_AUDIT\0"      \
>    "LD_DEBUG\0"      \
>