linker: only re-open std* for setuid programs.
get_AT_SECURE() was getting called before linker_env_init() had
been called, and returning the default value ("true"). This was
causing us to reopen closed stdin, stdout, and stderr for ALL
processes, not just privileged (setuid) processes.
Calling path:
- __linker_init
- soinfo_link_image
- get_AT_SECURE
- __linker_init_post_relocation
- linker_env_init
This change restores the intended behavior of only re-opening
stdin, stdout, and stderr for privileged processes.
Change-Id: I8b085ea6597710ac4c1a3c93f1bf8b81eecb08c0
diff --git a/linker/linker.cpp b/linker/linker.cpp
index 47c45eb..3ce75f1 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -1595,11 +1595,6 @@
return false;
}
- // If this is a setuid/setgid program, close the security hole described in
- // ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc
- if (get_AT_SECURE()) {
- nullify_closed_stdio();
- }
notify_gdb_of_load(si);
return true;
}
@@ -1628,6 +1623,12 @@
// Initialize environment functions, and get to the ELF aux vectors table.
linker_env_init(args);
+ // If this is a setuid/setgid program, close the security hole described in
+ // ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc
+ if (get_AT_SECURE()) {
+ nullify_closed_stdio();
+ }
+
debuggerd_init();
// Get a few environment variables.
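Review bot: The relocated `if (get_AT_SECURE())` check now depends on running after `linker_env_init(args)`, but nothing in the added lines records that ordering, which is the mistake the commit message describes. I would extend the comment with `// Must run after linker_env_init(): before that, get_AT_SECURE() returns its default (true).` and `// Keep this ahead of any code that may open files, so a new descriptor cannot land on fd 0-2.` The second line is inferred from the referenced advisory rather than from code visible here, so it is worth confirming that nothing earlier in startup opens a descriptor in a setuid/setgid process. The enclosing function (per the commit message, `__linker_init_post_relocation`) starts and ends outside the hunk.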