Bug#1053470: ld.so: ignore tunables in secure mode
Hi,
On 2023-10-05 09:33, Michael Hudson-Doyle wrote:
> I think that is the sort of conclusion upstream is coming to in
> https://inbox.sourceware.org/libc-alpha/20231003201151.1406279-1-siddhesh@sourceware.org/T/#e9123bc53d892ab6552e05109ce939d531d741092
> too. In any case, the upstream bug tracker / mailing list is probably the
> place to start with this.
I fully agree with that. Let's try to not have a different behavior for
each distribution by getting this done upstream. If it doesn't work we
could look at doing that at the distribution level.
Regards
Aurelien
> On Thu, 5 Oct 2023 at 07:00, Christian Göttsche <cgzones@googlemail.com>
> wrote:
>
> > Package: glibc
> > Version: 2.37-12
> >
> > In the light of the recent privilege escalation vulnerability I'd like
> > to suggest disabling the support for tunables in secure mode (most
> > notably for setuid-binaries).
> > This would mitigate future regressions in the handling of the
> > environment variable and possible vulnerabilities caused by the
> > interaction of particular options with security relevant applications.
> >
> > The support could either be disabled at compile time[1] or at runtime
> > via a file existence check (either by reusing `/etc/suid-debug` or a
> > new one like `/etc/suid-tunables`).
> >
> >
> > [1]:
> > https://git.altlinux.org/gears/g/glibc.git?p=glibc.git;a=commitdiff;h=5d1686416ab766f3dd0780ab730650c4c0f76ca9
> >
> >
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien@aurel32.net http://aurel32.net