Contents of /trunk/glibc/patches/glibc-2.12.2-ignore-origin-of-privileged-program.patch
Parent Directory | Revision Log
Revision 1246 -
(show annotations)
(download)
Tue Jan 11 10:17:21 2011 UTC (13 years, 8 months ago) by niro
File size: 769 byte(s)
Tue Jan 11 10:17:21 2011 UTC (13 years, 8 months ago) by niro
File size: 769 byte(s)
security fix, fixes CVE-2010-3847
1 | From d14e6b09d60d52cc12f0396c3106b14e1bd0fe8f Mon Sep 17 00:00:00 2001 |
2 | From: Andreas Schwab <schwab@redhat.com> |
3 | Date: Thu, 9 Dec 2010 15:00:59 +0100 |
4 | Subject: [PATCH 1/1] Ignore origin of privileged program |
5 | |
6 | --- |
7 | ChangeLog | 5 +++++ |
8 | elf/dl-object.c | 3 +++ |
9 | 2 files changed, 8 insertions(+), 0 deletions(-) |
10 | |
11 | diff --git a/elf/dl-object.c b/elf/dl-object.c |
12 | index 22a1635..7674d49 100644 |
13 | --- a/elf/dl-object.c |
14 | +++ b/elf/dl-object.c |
15 | @@ -214,6 +214,9 @@ _dl_new_object (char *realname, const char *libname, int type, |
16 | out: |
17 | new->l_origin = origin; |
18 | } |
19 | + else if (INTUSE(__libc_enable_secure) && type == lt_executable) |
20 | + /* The origin of a privileged program cannot be trusted. */ |
21 | + new->l_origin = (char *) -1; |
22 | |
23 | return new; |
24 | } |
25 | -- |
26 | 1.7.2 |