Update.

	* sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New
	variable.
	(__libc_init_secure): Don't do anything if __libc_enable_secure_decided
	is nonzero.
	* include/unistd.h: Declare __libc_enable_secure_decided.
	* elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID,
	and AT_EGID.  If all found, set __libc_enable_secure and
	__libc_enable_secure_decided.

6 files changed, 50 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index db7699697b..5cc3a1976d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
 2003-05-05  Ulrich Drepper  <drepper@redhat.com>
 
+	* sysdeps/generic/enbl-secure.c (__libc_enable_secure_decided): New
+	variable.
+	(__libc_init_secure): Don't do anything if __libc_enable_secure_decided
+	is nonzero.
+	* include/unistd.h: Declare __libc_enable_secure_decided.
+	* elf/dl-support.c (_dl_aux_init): Recognize AT_UID, AT_EUID, AT_GID,
+	and AT_EGID.  If all found, set __libc_enable_secure and
+	__libc_enable_secure_decided.
+
 	* sysdeps/generic/libc-start.c [!SHARED]: Call
 	__libc_check_standard_fds after __libc_init_first.
 
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 2ff3d2f905..0d6ce6a12b 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -148,6 +148,10 @@ void
 internal_function
 _dl_aux_init (ElfW(auxv_t) *av)
 {
+  int seen = 0;
+  uid_t uid = 0;
+  gid_t gid = 0;
+
   for (; av->a_type != AT_NULL; ++av)
     switch (av->a_type)
       {
@@ -168,7 +172,28 @@ _dl_aux_init (ElfW(auxv_t) *av)
 	GL(dl_sysinfo) = av->a_un.a_val;
 	break;
 #endif
+      case AT_UID:
+	uid ^= av->a_un.a_val;
+	seen |= 1;
+	break;
+      case AT_EUID:
+	uid ^= av->a_un.a_val;
+	seen |= 2;
+	break;
+      case AT_GID:
+	gid ^= av->a_un.a_val;
+	seen |= 4;
+	break;
+      case AT_EGID:
+	gid ^= av->a_un.a_val;
+	seen |= 8;
+	break;
       }
+  if (seen == 0xf)
+    {
+      __libc_enable_secure = uid != 0 || gid != 0;
+      __libc_enable_secure_decided = 1;
+    }
 }
 #endif
 
diff --git a/include/unistd.h b/include/unistd.h
index eba14514c1..a66e97822d 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -140,6 +140,7 @@ libc_hidden_proto (__sbrk)
    and some functions contained in the C library ignore various
    environment variables that normally affect them.  */
 extern int __libc_enable_secure;
+extern int __libc_enable_secure_decided;
 #ifdef IS_IN_rtld
 /* XXX The #ifdef should go.  */
 extern int __libc_enable_secure_internal attribute_hidden;
diff --git a/linuxthreads/ChangeLog b/linuxthreads/ChangeLog
index 8f695c631f..c435b54e2f 100644
--- a/linuxthreads/ChangeLog
+++ b/linuxthreads/ChangeLog
@@ -1,3 +1,8 @@
+2003-05-05  Ulrich Drepper  <drepper@redhat.com>
+
+	* sysdeps/i386/tls.h (TLS_DO_SET_THREAD_AREA): Add \n to error
+	messages.
+
 2003-05-04  Roland McGrath  <roland@redhat.com>
 
 	* Makefile ($(objpfx)../libc.so): New target.
diff --git a/nptl/ChangeLog b/nptl/ChangeLog
index a1efb2bf26..791d2ece5a 100644
--- a/nptl/ChangeLog
+++ b/nptl/ChangeLog
@@ -1,3 +1,7 @@
+2003-05-05  Ulrich Drepper  <drepper@redhat.com>
+
+	* sysdeps/i386/tls.h (TLS_INIT_TP): Include \n in error message.
+
 2003-05-04  Roland McGrath  <roland@redhat.com>
 
 	* Makefile ($(objpfx)../libc.so): New target.
diff --git a/sysdeps/generic/enbl-secure.c b/sysdeps/generic/enbl-secure.c
index c811712087..fac3b9c527 100644
--- a/sysdeps/generic/enbl-secure.c
+++ b/sysdeps/generic/enbl-secure.c
@@ -1,5 +1,5 @@
 /* Define and initialize the `__libc_enable_secure' flag.  Generic version.
-   Copyright (C) 1996, 1997, 1998, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1996, 1997, 1998, 2000, 2003 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -23,12 +23,15 @@
 #include <unistd.h>
 #include <libc-internal.h>
 
+/* If nonzero __libc_enable_secure is already set.  */
+int __libc_enable_secure_decided;
 /* Safest assumption, if somehow the initializer isn't run.  */
 int __libc_enable_secure = 1;
 
 void
 __libc_init_secure (void)
 {
-  __libc_enable_secure = (__geteuid () != __getuid ()
-			  || __getegid () != __getgid ());
+  if (__libc_enable_secure_decided == 0)
+    __libc_enable_secure = (__geteuid () != __getuid ()
+			    || __getegid () != __getgid ());
 }