r1543 - in branches/Onward: . downloads temporary_system

robert at linuxfromscratch.org robert at linuxfromscratch.org
Fri Feb 19 08:18:46 PST 2010

Author: robert
Date: 2010-02-19 09:18:46 -0700 (Fri, 19 Feb 2010)
New Revision: 1543

Removed the Glibc issetugid patch. It is not safer than get*id. Use __libc_enable_secure instead.

Modified: branches/Onward/downloads/patches.txt
--- branches/Onward/downloads/patches.txt	2010-02-18 22:52:38 UTC (rev 1542)
+++ branches/Onward/downloads/patches.txt	2010-02-19 16:18:46 UTC (rev 1543)
@@ -35,9 +35,6 @@
 # Gettext upstream fixes:
-# Glibc issetugid() patch:
 # Glibc localedef trampoline patch:

Modified: branches/Onward/temporary_system/glibc.txt
--- branches/Onward/temporary_system/glibc.txt	2010-02-18 22:52:38 UTC (rev 1542)
+++ branches/Onward/temporary_system/glibc.txt	2010-02-19 16:18:46 UTC (rev 1543)
@@ -18,11 +18,6 @@
 cp -v elf/rtld.c{,.orig} &&
 sed 's@/etc/ld.so.preload@/tools&@' elf/rtld.c.orig > elf/rtld.c &&
-# Note/FIXME - The two Sed commands above would ideally be replaced with a
-# patch making paths.h and rtld.c use a preprocessor macro, which is set to
-# $prefix, or empty if $prefix=/usr. This would accommodate reusing the same
-# Glibc source tree in both the temporary and final system.
 # The next patch modifies the localedef program so it does not use GCC
 # Trampoline code (http://gcc.gnu.org/onlinedocs/gccint/Trampolines.html),
 # which relies on an executable stack to run. Without this patch the localedef
@@ -36,17 +31,6 @@
 patch -p1 -i ../glibc-2.5.1-pt_pax-1.patch &&
-# This patch adds the issetugid() function, which is a front-end to the
-# __libc_enable_secure() dynamic linker private function. This function
-# reports whether the program is running with matching real and effective
-# ID's, or not, to determine whether the program is running with set-uid or
-# set-gid privileges. Many packages will search for issetugid() and use it if
-# found, such as Ncurses. This is safer than allowing each program to
-# determine privileges itself because it is tested at a lower level which is
-# not manipulatable by the user. Apply this patch with the following command:
-patch -p1 -i ../glibc-2.5.1-issetugid-1.patch &&
 # This patch resticts the environment, particularly with setuid programs:
 patch -p1 -i ../glibc-2.8-sanitize_env.diff &&

Modified: branches/Onward/things_we_do.txt
--- branches/Onward/things_we_do.txt	2010-02-18 22:52:38 UTC (rev 1542)
+++ branches/Onward/things_we_do.txt	2010-02-19 16:18:46 UTC (rev 1543)
@@ -1,3 +1,10 @@
+# The Glibc issetugid() patch is no longer used. issetugid() could be preloaded
+# from a user-defined library, just like getuid() or getgid(), so issetugid()
+# doesn't have any benefit. In BSD, and Solaris, issetugid() is a kernel syscall
+# and is safer. In Linux we should use __libc_enable_secure(), which is similar,
+# but requires packages to be patched. All packages should be searched for the
+# issetugid() function, and modified to use __libc_enable_secure() instead.
 # Object directories are used whenever possible, to support building from
 # read-only sources. One day this may be usefull, such as building from source
 # which were unpacked on to a cdrom, or read-only partition.

More information about the hlfs-book mailing list