ANNOUNCE: p11-kit 0.18.5
Stef Walter
stefw at redhat.com
Fri Jul 19 07:16:54 PDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 19.07.2013 15:52, Daniel Kahn Gillmor wrote:
> On 07/19/2013 09:46 AM, Stef Walter wrote:
>
>> Perhaps Debian does not have AT_SECURE as a possible value for
>> getauxval(). Is it listed in the manual page?
>
> It's in the manual, at least:
>
>>> 0 dkg at alice:~$ man getauxval | grep -A9 AT_SECURE AT_SECURE Has
>>> a nonzero value if this executable should be treated
>>> securely. Most commonly, a nonzero value indicates that
>>> the process is executing a set-user-ID or set-group-ID
>>> program; alternatively, a nonzero value may be triggered by a
>>> Linux Secu? rity Module. When this value is nonzero, the
>>> dynamic linker disables the use of certain environment
>>> variables (see ld- linux.so(8)) and glibc changes other
>>> aspects of its behavior. (See also secure_getenv(3).)
>>>
>>> 0 dkg at alice:~$
Interesting.
I realize I'm being lazy here, but is there the possibility that
either you or Andreas could make common/tests/frob-getauxval be setgid
and then run it and see what the exit code and output is? On Debian.
Cheers,
Stef
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlHpSlYACgkQe/sRCNknZa/jwgCfVftn9YETPpDXTcuvqOIU7VYM
tRcAoNGI/xUAvGUWXLzxXL9I1oNZPfCN
=nqQR
-----END PGP SIGNATURE-----
More information about the p11-glue
mailing list