git: d81f999ac223 - main - rtld direct exec: add option to ignore LD_ variables
Alexander Richardson
arichardson at freebsd.org
Wed Jun 2 21:00:29 UTC 2021
On Sat, 29 May 2021 at 15:59, Konstantin Belousov <kib at freebsd.org> wrote:
>
> The branch main has been updated by kib:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=d81f999ac22342789f2b3e21206d83d410be4df3
>
> commit d81f999ac22342789f2b3e21206d83d410be4df3
> Author: Konstantin Belousov <kib at FreeBSD.org>
> AuthorDate: 2021-05-28 23:59:07 +0000
> Commit: Konstantin Belousov <kib at FreeBSD.org>
> CommitDate: 2021-05-29 14:59:09 +0000
>
> rtld direct exec: add option to ignore LD_ variables
>
> Sponsored by: The FreeBSD Foundation
> MFC after: 1 week
> ---
> libexec/rtld-elf/rtld.1 | 10 +++++++++-
> libexec/rtld-elf/rtld.c | 3 +++
> 2 files changed, 12 insertions(+), 1 deletion(-)
>
> diff --git a/libexec/rtld-elf/rtld.1 b/libexec/rtld-elf/rtld.1
> index 7f633ce0b486..16466c7a853e 100644
> --- a/libexec/rtld-elf/rtld.1
> +++ b/libexec/rtld-elf/rtld.1
> @@ -28,7 +28,7 @@
> .\"
> .\" $FreeBSD$
> .\"
> -.Dd March 24, 2021
> +.Dd May 29, 2021
> .Dt RTLD 1
> .Os
> .Sh NAME
> @@ -131,6 +131,7 @@ all the environment variables listed below, but is being prefixed with
> .Ev LD_32_ ,
> for example:
> .Ev LD_32_TRACE_LOADED_OBJECTS .
> +If the activated image is setuid or setgid, the variables are ignored.
> .Bl -tag -width ".Ev LD_LIBMAP_DISABLE"
> .It Ev LD_DUMP_REL_POST
> If set,
> @@ -313,6 +314,8 @@ The syntax of the direct invocation is
> .Op Fl b Ar exe
> .Op Fl f Ar fd
> .Op Fl p
> +.Op Fl t
> +.Op Fl v
> .Op Fl -
> .Pa image_path
> .Op Ar image arguments
> @@ -353,6 +356,11 @@ character,
> uses the search path provided by the environment variable
> .Dv PATH
> to find the binary to execute.
> +.It Fl t
> +Ignore all
> +.Ev LD_
> +environment variables that otherwise affect the dynamic
> +linker behavior.
> .It Fl v
> Display information about this run-time linker binary, then exit.
> .It Fl -
> diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
> index 75c502e8cc85..a517de83b8f5 100644
> --- a/libexec/rtld-elf/rtld.c
> +++ b/libexec/rtld-elf/rtld.c
> @@ -5793,6 +5793,8 @@ parse_args(char* argv[], int argc, bool *use_pathp, int *fdp,
> break;
> } else if (opt == 'p') {
> *use_pathp = true;
> + } else if (opt == 't') {
> + trust = false;
Hi,
In CheriBSD I used the -t flag to set ld_tracing = "yes" (we used this
in ldd). I've been meaning to submit this as a review, but haven't got
around to it yet. How do you feel about using "-u" for "untrusted" or
"-i" for "ignore" here instead of "-t"?
Thanks,
Alex
> } else if (opt == 'v') {
> machine[0] = '\0';
> mib[0] = CTL_HW;
> @@ -5863,6 +5865,7 @@ print_usage(const char *argv0)
> " -b <exe> Execute <exe> instead of <binary>, arg0 is <binary>\n"
> " -f <FD> Execute <FD> instead of searching for <binary>\n"
> " -p Search in PATH for named binary\n"
> + " -t Ignore LD_ environment variables\n"
> " -v Display identification information\n"
> " -- End of RTLD options\n"
> " <binary> Name of process to execute\n"
More information about the dev-commits-src-main
mailing list