Author: robert Date: 2010-02-19 09:18:46 -0700 (Fri, 19 Feb 2010) New Revision: 1543
Modified: branches/Onward/downloads/patches.txt branches/Onward/temporary_system/glibc.txt branches/Onward/things_we_do.txt Log: Removed the Glibc issetugid patch. It is not safer than get*id. Use __libc_enable_secure instead. Modified: branches/Onward/downloads/patches.txt =================================================================== --- branches/Onward/downloads/patches.txt 2010-02-18 22:52:38 UTC (rev 1542) +++ branches/Onward/downloads/patches.txt 2010-02-19 16:18:46 UTC (rev 1543) @@ -35,9 +35,6 @@ # Gettext upstream fixes: http://www.linuxfromscratch.org/~robert/new/patches/gettext-0.17-upstream_fixes-2.diff -# Glibc issetugid() patch: -http://www.linuxfromscratch.org/patches/downloads/glibc/glibc-2.5.1-issetugid-1.patch - # Glibc localedef trampoline patch: http://www.linuxfromscratch.org/patches/downloads/glibc/glibc-2.5.1-localedef_trampoline-1.patch Modified: branches/Onward/temporary_system/glibc.txt =================================================================== --- branches/Onward/temporary_system/glibc.txt 2010-02-18 22:52:38 UTC (rev 1542) +++ branches/Onward/temporary_system/glibc.txt 2010-02-19 16:18:46 UTC (rev 1543) @@ -18,11 +18,6 @@ cp -v elf/rtld.c{,.orig} && sed 's@/etc/ld.so.preload@/tools&@' elf/rtld.c.orig > elf/rtld.c && -# Note/FIXME - The two Sed commands above would ideally be replaced with a -# patch making paths.h and rtld.c use a preprocessor macro, which is set to -# $prefix, or empty if $prefix=/usr. This would accommodate reusing the same -# Glibc source tree in both the temporary and final system. - # The next patch modifies the localedef program so it does not use GCC # Trampoline code (http://gcc.gnu.org/onlinedocs/gccint/Trampolines.html), # which relies on an executable stack to run. Without this patch the localedef @@ -36,17 +31,6 @@ patch -p1 -i ../glibc-2.5.1-pt_pax-1.patch && -# This patch adds the issetugid() function, which is a front-end to the -# __libc_enable_secure() dynamic linker private function. This function -# reports whether the program is running with matching real and effective -# ID's, or not, to determine whether the program is running with set-uid or -# set-gid privileges. Many packages will search for issetugid() and use it if -# found, such as Ncurses. This is safer than allowing each program to -# determine privileges itself because it is tested at a lower level which is -# not manipulatable by the user. Apply this patch with the following command: - -patch -p1 -i ../glibc-2.5.1-issetugid-1.patch && - # This patch resticts the environment, particularly with setuid programs: patch -p1 -i ../glibc-2.8-sanitize_env.diff && Modified: branches/Onward/things_we_do.txt =================================================================== --- branches/Onward/things_we_do.txt 2010-02-18 22:52:38 UTC (rev 1542) +++ branches/Onward/things_we_do.txt 2010-02-19 16:18:46 UTC (rev 1543) @@ -1,3 +1,10 @@ +# The Glibc issetugid() patch is no longer used. issetugid() could be preloaded +# from a user-defined library, just like getuid() or getgid(), so issetugid() +# doesn't have any benefit. In BSD, and Solaris, issetugid() is a kernel syscall +# and is safer. In Linux we should use __libc_enable_secure(), which is similar, +# but requires packages to be patched. All packages should be searched for the +# issetugid() function, and modified to use __libc_enable_secure() instead. + # Object directories are used whenever possible, to support building from # read-only sources. One day this may be usefull, such as building from source # which were unpacked on to a cdrom, or read-only partition. -- http://linuxfromscratch.org/mailman/listinfo/hlfs-book FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
