From: "Michael Kerrisk (man-pages)" <mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: Silvan Jegen <s.jegen-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Maria Guseva <m.guseva-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
Yury Gribov <y.gribov-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>,
v.garbuzov-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org,
linux-man <linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PING][patch] ld.so.8: outline missed cases of secure run
Date: Fri, 04 Dec 2015 22:28:11 +0100 [thread overview]
Message-ID: <5662056B.9040502@gmail.com> (raw)
In-Reply-To: <CAKvUva-pDmq7Cuvh0=Ne+Z+tbTdxO=s5YX6KVa1dUeB=uw5YPA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
Hello Silvan
On 11/26/2015 11:25 AM, Silvan Jegen wrote:
> Hi
>
> Please find below a few typos I found while looking at the text.
>
> On Thu, Nov 26, 2015 at 10:43 AM, Maria Guseva <m.guseva-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org> wrote:
>> So find the final patch below:
>>
>> diff --git a/man8/ld.so.8 b/man8/ld.so.8 index 8d8a759..112406e 100644
>> --- a/man8/ld.so.8
>> +++ b/man8/ld.so.8
>> @@ -61,8 +61,8 @@ of the binary if present and DT_RUNPATH attribute does not
>> exist.
>> Use of DT_RPATH is deprecated.
>> .IP o
>> Using the environment variable
>> -.BR LD_LIBRARY_PATH .
>> -Except if the executable is a set-user-ID/set-group-ID binary,
>> +.BR LD_LIBRARY_PATH
>> +(unless the executable is being run in secure-execution mode; see below).
>> in which case it is ignored.
>> .IP o
>> (ELF only) Using the directories specified in the @@ -166,15 +166,38 @@
>> environment variable setting (see below).
>> .BI \-\-inhibit\-rpath " list"
>> Ignore RPATH and RUNPATH information in object names in .IR list .
>> -This option is ignored if
>> -.B ld.so
>> -is set-user-ID or set-group-ID.
>> +This option is ignored if when running in secure-execution mode (see
>> below).
>
> either "if" or "when", not both
Yes.
>> .TP
>> .BI \-\-audit " list"
>> Use objects named in
>> .I list
>> as auditors.
>> .SH ENVIRONMENT
>> +Various environment variable influence the operation of the dynamic linker.
>
> s/variable/variables/
Yes.
>> +.\"
>> +.SS Secure-execution mode
>> +For security reasons,
>> +the effects of some environment variables are voided or modified if the
>> +dynamic linker determines that the binary should be run in
>> +secure-execution mode.
>> +This determination is made by checking whether the .B AT_SECURE entry
>> +in the auxiliary vector (see .BR getauxval (3)) has a nonzero value.
>> +This entry may have a nonzero value for various reasons, including:
>> +.IP * 3
>> +The process's real and effective user IDs differ, or the real and
>
> I think one writes process' instead of process's if a possessive 's
> follows an s at the end of the word.
"process's" works okay for me.
Cheers,
Michael
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2015-12-04 21:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-31 16:12 [patch] ld.so.8: outline missed cases of secure run Maria Guseva
2015-09-01 7:18 ` Yury Gribov
[not found] ` <55E55162.5080702-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-09-14 18:42 ` Michael Kerrisk (man-pages)
[not found] ` <CAKgNAkjgs9rBz8MvgMW1Xts95nBo433RAvoyOZFKuU6cDFO_zg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-09-15 9:13 ` Yury Gribov
2015-09-14 5:37 ` Michael Kerrisk (man-pages)
[not found] ` <55F65D25.1080708-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-22 8:58 ` Maria Guseva
2015-10-29 9:21 ` Maria Guseva
2015-11-26 9:43 ` [PING][patch] " Maria Guseva
2015-12-04 21:27 ` Michael Kerrisk (man-pages)
[not found] ` <00f601d1282e$e3e04ef0$aba0ecd0$@guseva@samsung.com>
[not found] ` <00f601d1282e$e3e04ef0$aba0ecd0$@guseva-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-11-26 10:25 ` Silvan Jegen
[not found] ` <CAKvUva-pDmq7Cuvh0=Ne+Z+tbTdxO=s5YX6KVa1dUeB=uw5YPA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-11-30 16:49 ` Maria Guseva
[not found] ` <565C7E09.4030209-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-12-05 7:33 ` Michael Kerrisk (man-pages)
2015-12-04 21:28 ` Michael Kerrisk (man-pages) [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5662056B.9040502@gmail.com \
--to=mtk.manpages-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=m.guseva-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
--cc=s.jegen-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=v.garbuzov-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
--cc=y.gribov-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).