* elf/rtld.c (process_envvars): Place output files for profiling

	in SUID binaries in /var/profile.

	* elf/dl-load.c (_dl_map_object): Don't look in cache for
	preloading in SUID binaries.

	* elf/dl-profile.c (_dl_start_profile): Open the output file with
	O_NOFOLLOW if possible.

	* sysdeps/generic/segfault.c (install_handler): Check output file
	name with access().

diff --git a/elf/dl-load.c b/elf/dl-load.c
index 3c416f9c1065173d693bed5ee00f87003698a0d8..2c95d82587d17c7f8f5db7bd66188be1258f20dc 100644 (file)
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1,5 +1,5 @@
 /* Map in a shared object's segments from the file.
-   Copyright (C) 1995, 1996, 1997, 1998, 1999 Free Software Foundation, Inc.
+   Copyright (C) 1995, 1996, 1997, 1998, 1999, 2001 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -1338,7 +1338,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded,
       if (fd == -1 && env_path_list != NULL)
        fd = open_path (name, namelen, preloaded, env_path_list, &realname);
 
-      if (fd == -1)
+      if (fd == -1 && (! preloaded || ! __libc_enable_secure))
        {
          /* Check the list of libraries in the file /etc/ld.so.cache,
             for compatibility with Linux's ldconfig program.  */

diff --git a/elf/dl-profile.c b/elf/dl-profile.c
index a9f8dd622690aa823a5d3d6320101eb90c29b9e6..2582850ea491c503ed015fb1fc5dc8247845bdeb 100644 (file)
--- a/elf/dl-profile.c
+++ b/elf/dl-profile.c
@@ -1,5 +1,5 @@
 /* Profiling of shared libraries.
-   Copyright (C) 1997, 1998 Free Software Foundation, Inc.
+   Copyright (C) 1997, 1998, 2001 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1997.
    Based on the BSD mcount implementation.
@@ -263,7 +263,12 @@ _dl_start_profile (struct link_map *map, const char *output_dir)
   *cp++ = '/';
   __stpcpy (__stpcpy (cp, _dl_profile), ".profile");
 
-  fd = __open (filename, O_RDWR | O_CREAT, 0666);
+#ifdef O_NOFOLLOW
+# define EXTRA_FLAGS | O_NOFOLLOW
+#else
+# define EXTRA_FLAGS
+#endif
+  fd = __open (filename, O_RDWR | O_CREAT EXTRA_FLAGS, 0666);
   if (fd == -1)
     {
       /* We cannot write the profiling data so don't do anything.  */

diff --git a/elf/rtld.c b/elf/rtld.c
index 1839da122e730f09cb7c502b7564102e985a02c8..15746c97709906f1604bf1e9fd402b05ad11ba4a 100644 (file)
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -1,5 +1,5 @@
 /* Run time dynamic linker.
-   Copyright (C) 1995-1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1995-1999, 2000, 2001 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -1273,7 +1273,7 @@ process_envvars (enum mode *modep, int *lazyp)
   char *debug_output = NULL;
 
   /* This is the default place for profiling data file.  */
-  _dl_profile_output = "/var/tmp";
+  _dl_profile_output = __libc_enable_secure ? "/var/profile" : "/var/tmp";
 
   while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)
     {

diff --git a/sysdeps/generic/segfault.c b/sysdeps/generic/segfault.c
index 30da438b323b905b715fc5b49a803c6f773e2962..09cbb10adee577c22da3851972f30ee334566b19 100644 (file)
--- a/sysdeps/generic/segfault.c
+++ b/sysdeps/generic/segfault.c
@@ -1,5 +1,5 @@
 /* Catch segmentation faults and print backtrace.
-   Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
 
@@ -236,6 +236,6 @@ install_handler (void)
 
   /* Preserve the output file name if there is any given.  */
   name = getenv ("SEGFAULT_OUTPUT_NAME");
-  if (name != NULL && name[0] != '\0')
+  if (name != NULL && name[0] != '\0' && access (name, R_OK | W_OK) == 0)
     fname = __strdup (name);
 }