Annotation of /trunk/glibc/patches/glibc-2.12.2-ignore-origin-of-privileged-program.patch
Parent Directory | Revision Log
Revision 1246 -
(hide annotations)
(download)
Tue Jan 11 10:17:21 2011 UTC (13 years, 8 months ago) by niro
File size: 769 byte(s)
Tue Jan 11 10:17:21 2011 UTC (13 years, 8 months ago) by niro
File size: 769 byte(s)
security fix, fixes CVE-2010-3847
1 | niro | 1246 | From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001 |
2 | From: Andreas Schwab <schwab@redhat.com> | ||
3 | Date: Thu, 9 Dec 2010 15:00:59 +0100 | ||
4 | Subject: [PATCH 1/1] Ignore origin of privileged program | ||
5 | |||
6 | --- | ||
7 | ChangeLog | 5 +++++ | ||
8 | elf/dl-object.c | 3 +++ | ||
9 | 2 files changed, 8 insertions(+), 0 deletions(-) | ||
10 | |||
11 | diff --git a/elf/dl-object.c b/elf/dl-object.c | ||
12 | index 22a1635..7674d49 100644 | ||
13 | --- a/elf/dl-object.c | ||
14 | +++ b/elf/dl-object.c | ||
15 | @@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type, | ||
16 | out: | ||
17 | new->l_origin = origin; | ||
18 | } | ||
19 | + else if (INTUSE(__libc_enable_secure) && type == lt_executable) | ||
20 | + /* The origin of a privileged program cannot be trusted. */ | ||
21 | + new->l_origin = (char *) -1; | ||
22 | |||
23 | return new; | ||
24 | } | ||
25 | -- | ||
26 | 1.7.2 |