ld.so.8: Describe secure-execution mode

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

diff --git a/man8/ld.so.8 b/man8/ld.so.8
index 8a97a77ca1566b027206d7d39024e0575ff9376f..16950f81a9fbd8852bd34cf21780df17b6f2aa63 100644 (file)
--- a/man8/ld.so.8
+++ b/man8/ld.so.8
@@ -175,6 +175,31 @@ Use objects named in
 .I list
 as auditors.
 .SH ENVIRONMENT
+Various environment variable influence the operation of the dynamic linker.
+.\"
+.SS Secure-execution mode
+For security reasons,
+the effects of some environment variables are voided or modified if
+the dynamic linker determines that the binary should be
+run in secure-execution mode.
+This determination is made by checking whether the
+.B AT_SECURE
+entry in the auxiliary vector (see
+.BR getauxval (3))
+has a nonzero value.
+This entry may have a nonzero value for various reasons, including:
+.IP * 3
+The process's real and effective user IDs differ,
+or the real and effective group IDs differ.
+This typically occurs as a result of executing 
+a set-user-ID or set-group-ID program.
+.IP *
+A process with a non-root user ID executed a binary that
+conferred permitted or effective capabilities.
+.IP *
+A nonzero value may have been set by a Linux Security Module.
+.\"
+.SS Environment variables
 Among the more important environment variables are the following:
 .TP
 .B LD_ASSUME_KERNEL
@@ -519,6 +544,7 @@ mtrr, pat, pbe, pge, pn, pse36, sep, ss, sse, sse2, tm
 .BR sprof (1),
 .BR dlopen (3),
 .BR getauxval (3),
+.BR capabilities (7),
 .BR rtld-audit (7),
 .BR ldconfig (8),
 .BR sln (8)