security hardening: ensure suid programs have valid stdin/out/err
author Rich Felker <dalias@aerifal.cx>
Tue, 23 Aug 2011 13:37:39 +0000 (09:37 -0400)
committer Rich Felker <dalias@aerifal.cx>
Tue, 23 Aug 2011 13:37:39 +0000 (09:37 -0400)
commit df0b5a49406763aa4719dfad561a5de8924ecd59
tree 0d5dc42698f2b710dd27156554b10230ba21256b
parent c0f344160d22d889460573d003cf349626a38184
security hardening: ensure suid programs have valid stdin/out/err

this behavior (opening fds 0-2 for a suid program) is explicitly
allowed (but not required) by POSIX to protect badly-written suid
programs from clobbering files they later open.

this commit does add some cost in startup code, but the availability
of auxv and the security flag will be useful elsewhere in the future.
in particular auxv is needed for static-linked vdso support, which is
still waiting to be committed (sorry nik!)
arch/i386/atomic.h
arch/x86_64/atomic.h
src/env/__environ.c
src/env/__init_security.c [new file with mode: 0644]
src/env/__libc_start_main.c
src/internal/libc.h
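
The hardening described in the commit message, as an added sketch that is not the code from this commit: if a caller closes fd 0, 1 or 2 before exec, the next file the program opens lands on that number and stdio output goes into it, so the startup check fills any hole with /dev/null. The function names `ensure_std_fds` and `harden_if_secure` are hypothetical, and reading the "security flag" as auxv's `AT_SECURE` via `getauxval()` is an assumption.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/auxv.h>
#include <unistd.h>

/* Reopen any of fds 0-2 that are closed, pointing them at /dev/null.
 * Returns the number of descriptors repaired, or -1 on failure. */
int ensure_std_fds(void)
{
    int repaired = 0;
    for (int fd = 0; fd <= 2; fd++) {
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;               /* descriptor is already open */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd < 0)
            return -1;
        /* open() returns the lowest free fd, which should be `fd`
         * because every descriptor below it is open by now. */
        if (nfd != fd) {
            if (dup2(nfd, fd) < 0) { close(nfd); return -1; }
            close(nfd);
        }
        repaired++;
    }
    return repaired;
}

/* Run the check only when the kernel marked the process as secure
 * (set-uid/set-gid execution) through the auxv AT_SECURE entry. */
int harden_if_secure(void)
{
    if (!getauxval(AT_SECURE))
        return 0;
    if (ensure_std_fds() < 0)
        abort();                    /* never continue with a hole in 0-2 */
    return 1;
}

int main(void)
{
    close(0);   /* constructed scenario: caller closed stdin before exec */
    int n = ensure_std_fds();
    return (n == 1 && fcntl(0, F_GETFD) != -1) ? 0 : 1;
}
```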