git: 99e1896f20a3 - stable/13 - rtld direct exec: add option to ignore LD_ variables

Fri Jun 4 00:44:27 UTC 2021

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=99e1896f20a3d7702aedc00c1220bdac12d1580a

commit 99e1896f20a3d7702aedc00c1220bdac12d1580a
Author:     Konstantin Belousov <kib at FreeBSD.org>
AuthorDate: 2021-05-28 23:59:07 +0000
Commit:     Konstantin Belousov <kib at FreeBSD.org>
CommitDate: 2021-06-04 00:32:50 +0000

    rtld direct exec: add option to ignore LD_ variables
    
    (cherry picked from commit d81f999ac22342789f2b3e21206d83d410be4df3)
---
 libexec/rtld-elf/rtld.1 | 10 +++++++++-
 libexec/rtld-elf/rtld.c |  3 +++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/libexec/rtld-elf/rtld.1 b/libexec/rtld-elf/rtld.1
index 47bdc028b22d..522382d24b16 100644
--- a/libexec/rtld-elf/rtld.1
+++ b/libexec/rtld-elf/rtld.1
@@ -28,7 +28,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 1, 2020
+.Dd March 24, 2021
 .Dt RTLD 1
 .Os
 .Sh NAME
@@ -131,6 +131,7 @@ all the environment variables listed below, but is being prefixed with
 .Ev LD_32_ ,
 for example:
 .Ev LD_32_TRACE_LOADED_OBJECTS .
+If the activated image is setuid or setgid, the variables are ignored.
 .Bl -tag -width ".Ev LD_LIBMAP_DISABLE"
 .It Ev LD_DUMP_REL_POST
 If set,
@@ -305,6 +306,8 @@ The syntax of the direct invocation is
 .Op Fl b Ar exe
 .Op Fl f Ar fd
 .Op Fl p
+.Op Fl t
+.Op Fl v
 .Op Fl -
 .Pa image_path
 .Op Ar image arguments
@@ -345,6 +348,11 @@ character,
 uses the search path provided by the environment variable
 .Dv PATH
 to find the binary to execute.
+.It Fl t
+Ignore all
+.Ev LD_
+environment variables that otherwise affect the dynamic
+linker behavior.
 .It Fl v
 Display information about this run-time linker binary, then exit.
 .It Fl -
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 2943c1d06fa3..ae74f7b9a543 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -5773,6 +5773,8 @@ parse_args(char* argv[], int argc, bool *use_pathp, int *fdp,
 				break;
 			} else if (opt == 'p') {
 				*use_pathp = true;
+			} else if (opt == 't') {
+				trust = false;
 			} else if (opt == 'v') {
 				machine[0] = '\0';
 				mib[0] = CTL_HW;
@@ -5843,6 +5845,7 @@ print_usage(const char *argv0)
 	    "  -b <exe>  Execute <exe> instead of <binary>, arg0 is <binary>\n"
 	    "  -f <FD>   Execute <FD> instead of searching for <binary>\n"
 	    "  -p        Search in PATH for named binary\n"
+	    "  -t        Ignore LD_ environment variables\n"
 	    "  -v        Display identification information\n"
 	    "  --        End of RTLD options\n"
 	    "  <binary>  Name of process to execute\n"
