Hello Michael, Yury > What do you think of the alternative patch below? Thank you, the patch you proposed looks much better. >>> While at it, could you also mention that /etc/suid-debug enables >>> LD_DEBUG for suids? >> >> Does it? I can't see that in the glibc source. Am I missing something? >I was looking at process_envvars (in rtld.c): it resets dl_debug_mask for AT_SECURE binaries unless /etc/suid-debug exists. So I think it should mentioned in LD_DEBUG environment variable description, here: .B LD_DEBUG -is ignored for set-user-ID/set-group-ID binaries. +is ignored in secure-execution mode. +However, if the file +.IR /etc/suid\-debug +exists (the content of the file is irrelevant), then +.BR LD_DEBUG +has an effect in secure-execution mode. .TP Regards, Maria -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
