HEX
Server: Apache
System: Linux scp1.abinfocom.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: confeduphaar (1010)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /usr/src/glibc/debian/patches/ubuntu/
Upload Files
File: //usr/src/glibc/debian/patches/ubuntu/local-disable-ld_audit.diff
Description: pro-actively disable LD_AUDIT for setuid binaries, regardless
 of where the libraries are loaded from. This is to try to make sure that
 CVE-2010-3856 cannot sneak back in. Upstream is unlikely to take this,
 since it limits the functionality of LD_AUDIT.
Author: Kees Cook <kees@ubuntu.com>
Author: Adam Conrad <adconrad@0c3.net>

Index: eglibc-2.15/elf/rtld.c
===================================================================
--- eglibc-2.15.orig/elf/rtld.c	2012-05-09 10:05:29.456899131 -0700
+++ eglibc-2.15/elf/rtld.c	2012-05-09 10:38:53.952009069 -0700
@@ -2442,7 +2442,7 @@
   char *p;
 
   while ((p = (strsep) (&str, ":")) != NULL)
-    if (dso_name_valid_for_suid (p))
+    if (! __glibc_unlikely (__libc_enable_secure) && dso_name_valid_for_suid (p))
       {
 	/* This is using the local malloc, not the system malloc.  The
 	   memory can never be freed.  */
@ Telegram