Propagate GLIBC_TUNABLES in setxid binaries

GLIBC_TUNABLES scrubbing happens earlier than envvar scrubbing and some tunables are required to propagate past setxid boundary, like their env_alias. Rely on tunable scrubbing to clean out GLIBC_TUNABLES like before, restoring behaviour in glibc 2.37 and earlier. Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
author: Siddhesh Poyarekar <siddhesh@sourceware.org> 2023-09-19 13:25:40 -0400
committer: Siddhesh Poyarekar <siddhesh@sourceware.org> 2023-10-02 15:35:05 -0400
commit: 0d5f9ea97f1b39f2a855756078771673a68497e1 (patch)
tree: c9ef67485fda9dda07ffba2aa4f24f8b04c0145d
parent: 9e4e896f0f5a19a16c1a77567463b013a0f4952d (diff)
download: glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar
glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar.gz
glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar.bz2
glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h
index 81397fb90b..8278c50a84 100644
--- a/sysdeps/generic/unsecvars.h
+++ b/sysdeps/generic/unsecvars.h
@@ -4,7 +4,6 @@
 #define UNSECURE_ENVVARS \
   "GCONV_PATH\0"							      \
   "GETCONF_DIR\0"							      \
-  "GLIBC_TUNABLES\0"							      \
   "HOSTALIASES\0"							      \
   "LD_AUDIT\0"								      \
   "LD_DEBUG\0"								      \
author	Siddhesh Poyarekar <siddhesh@sourceware.org>	2023-09-19 13:25:40 -0400
committer	Siddhesh Poyarekar <siddhesh@sourceware.org>	2023-10-02 15:35:05 -0400
commit	0d5f9ea97f1b39f2a855756078771673a68497e1 (patch)
tree	c9ef67485fda9dda07ffba2aa4f24f8b04c0145d
parent	9e4e896f0f5a19a16c1a77567463b013a0f4952d (diff)
download	glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar.gz glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.tar.bz2 glibc-0d5f9ea97f1b39f2a855756078771673a68497e1.zip