From 18c5126084749b1c6b80c325aaa329a9b50c43b2 Mon Sep 17 00:00:00 2001 From: Andreas Jaeger Date: Wed, 10 Jan 2001 16:52:19 +0000 Subject: [PATCH] * elf/rtld.c (process_envvars): Place output files for profiling in SUID binaries in /var/profile. * elf/dl-load.c (_dl_map_object): Don't look in cache for preloading in SUID binaries. * elf/dl-profile.c (_dl_start_profile): Open the output file with O_NOFOLLOW if possible. * sysdeps/generic/segfault.c (install_handler): Check output file name with access(). --- elf/dl-load.c | 4 ++-- elf/dl-profile.c | 9 +++++++-- elf/rtld.c | 4 ++-- sysdeps/generic/segfault.c | 4 ++-- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/elf/dl-load.c b/elf/dl-load.c index 3c416f9c106..2c95d82587d 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -1,5 +1,5 @@ /* Map in a shared object's segments from the file. - Copyright (C) 1995, 1996, 1997, 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1995, 1996, 1997, 1998, 1999, 2001 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -1338,7 +1338,7 @@ _dl_map_object (struct link_map *loader, const char *name, int preloaded, if (fd == -1 && env_path_list != NULL) fd = open_path (name, namelen, preloaded, env_path_list, &realname); - if (fd == -1) + if (fd == -1 && (! preloaded || ! __libc_enable_secure)) { /* Check the list of libraries in the file /etc/ld.so.cache, for compatibility with Linux's ldconfig program. */ diff --git a/elf/dl-profile.c b/elf/dl-profile.c index a9f8dd62269..2582850ea49 100644 --- a/elf/dl-profile.c +++ b/elf/dl-profile.c @@ -1,5 +1,5 @@ /* Profiling of shared libraries. - Copyright (C) 1997, 1998 Free Software Foundation, Inc. + Copyright (C) 1997, 1998, 2001 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper , 1997. Based on the BSD mcount implementation. @@ -263,7 +263,12 @@ _dl_start_profile (struct link_map *map, const char *output_dir) *cp++ = '/'; __stpcpy (__stpcpy (cp, _dl_profile), ".profile"); - fd = __open (filename, O_RDWR | O_CREAT, 0666); +#ifdef O_NOFOLLOW +# define EXTRA_FLAGS | O_NOFOLLOW +#else +# define EXTRA_FLAGS +#endif + fd = __open (filename, O_RDWR | O_CREAT EXTRA_FLAGS, 0666); if (fd == -1) { /* We cannot write the profiling data so don't do anything. */ diff --git a/elf/rtld.c b/elf/rtld.c index 1839da122e7..15746c97709 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1,5 +1,5 @@ /* Run time dynamic linker. - Copyright (C) 1995-1999, 2000 Free Software Foundation, Inc. + Copyright (C) 1995-1999, 2000, 2001 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -1273,7 +1273,7 @@ process_envvars (enum mode *modep, int *lazyp) char *debug_output = NULL; /* This is the default place for profiling data file. */ - _dl_profile_output = "/var/tmp"; + _dl_profile_output = __libc_enable_secure ? "/var/profile" : "/var/tmp"; while ((envline = _dl_next_ld_env_entry (&runp)) != NULL) { diff --git a/sysdeps/generic/segfault.c b/sysdeps/generic/segfault.c index 30da438b323..09cbb10adee 100644 --- a/sysdeps/generic/segfault.c +++ b/sysdeps/generic/segfault.c @@ -1,5 +1,5 @@ /* Catch segmentation faults and print backtrace. - Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper , 1998. @@ -236,6 +236,6 @@ install_handler (void) /* Preserve the output file name if there is any given. */ name = getenv ("SEGFAULT_OUTPUT_NAME"); - if (name != NULL && name[0] != '\0') + if (name != NULL && name[0] != '\0' && access (name, R_OK | W_OK) == 0) fname = __strdup (name); } -- 2.47.2