Message ID | 20240301174659.2012703-1-josimmon@redhat.com |
---|---|
State | New |
Headers | show |
Series | [committed] manual/tunables - Add entry for enable_secure tunable. | expand |
I neglected to change the subject line. Please disregard. Thanks, Joe On Fri, Mar 1, 2024 at 12:47 PM Joe Simmons-Talbott <josimmon@redhat.com> wrote: > > From: Joe Talbott <joetalbott@gmail.com> > > --- > manual/tunables.texi | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/manual/tunables.texi b/manual/tunables.texi > index be97190d67..4a7d04dc0d 100644 > --- a/manual/tunables.texi > +++ b/manual/tunables.texi > @@ -345,6 +345,16 @@ performance issues of @samp{1}. > The default value of this tunable is @samp{2}. > @end deftp > > +@deftp Tunable glibc.rtld.enable_secure > +Used to run a program as if it were a setuid process. The only valid value > +is @samp{1} as this tunable can only be used to set and not unset > +@code{enable_secure}. Setting this tunable to @samp{1} also disables all other > +tunables. This tunable is intended to facilitate more extensive verification > +tests for @code{AT_SECURE} programs and not meant to be a security feature. > + > +The default value of this tunable is @samp{0}. > +@end deftp > + > @node Elision Tunables > @section Elision Tunables > @cindex elision tunables > -- > 2.43.2 >
diff --git a/manual/tunables.texi b/manual/tunables.texi index be97190d67..4a7d04dc0d 100644 --- a/manual/tunables.texi +++ b/manual/tunables.texi @@ -345,6 +345,16 @@ performance issues of @samp{1}. The default value of this tunable is @samp{2}. @end deftp +@deftp Tunable glibc.rtld.enable_secure +Used to run a program as if it were a setuid process. The only valid value +is @samp{1} as this tunable can only be used to set and not unset +@code{enable_secure}. Setting this tunable to @samp{1} also disables all other +tunables. This tunable is intended to facilitate more extensive verification +tests for @code{AT_SECURE} programs and not meant to be a security feature. + +The default value of this tunable is @samp{0}. +@end deftp + @node Elision Tunables @section Elision Tunables @cindex elision tunables
From: Joe Talbott <joetalbott@gmail.com> --- manual/tunables.texi | 10 ++++++++++ 1 file changed, 10 insertions(+)