12b68e
commit TBD
12b68e
Author: Florian Weimer <fweimer@redhat.com>
12b68e
Date:   Fri May 19 17:46:47 2017 +0200
12b68e
12b68e
    rtld: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs
12b68e
12b68e
LD_LIBRARY_PATH can only be used to reorder system search paths, which
12b68e
is not useful functionality.
12b68e
12b68e
Index: glibc-2.17-c758a686/elf/rtld.c
12b68e
===================================================================
12b68e
--- glibc-2.17-c758a686.orig/elf/rtld.c
12b68e
+++ glibc-2.17-c758a686/elf/rtld.c
12b68e
@@ -2580,7 +2701,8 @@ process_envvars (enum mode *modep)
12b68e
 
12b68e
 	case 12:
12b68e
 	  /* The library search path.  */
12b68e
-	  if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
12b68e
+	  if (!__libc_enable_secure
12b68e
+	      && memcmp (envline, "LIBRARY_PATH", 12) == 0)
12b68e
 	    {
12b68e
 	      library_path = &envline[13];
12b68e
 	      break;