mirror of https://github.com/mkerrisk/man-pages
ld.so.8: Make notes on secure-execute mode more prominent
Place each note on secure-execution mode in a separate paragraph, to make it more obvious. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
8dd4941bce
commit
578616fa6e
13
man8/ld.so.8
13
man8/ld.so.8
|
@ -268,6 +268,7 @@ The items in the list are separated by either colons or semicolons.
|
||||||
Similar to the
|
Similar to the
|
||||||
.B PATH
|
.B PATH
|
||||||
environment variable.
|
environment variable.
|
||||||
|
|
||||||
This variable is ignored in secure-execution mode.
|
This variable is ignored in secure-execution mode.
|
||||||
|
|
||||||
Within the pathnames specified in
|
Within the pathnames specified in
|
||||||
|
@ -342,6 +343,7 @@ to be loaded before all others in a separate linker namespace
|
||||||
(i.e., one that does not intrude upon the normal symbol bindings that
|
(i.e., one that does not intrude upon the normal symbol bindings that
|
||||||
would occur in the process).
|
would occur in the process).
|
||||||
These objects can be used to audit the operation of the dynamic linker.
|
These objects can be used to audit the operation of the dynamic linker.
|
||||||
|
|
||||||
.B LD_AUDIT
|
.B LD_AUDIT
|
||||||
is ignored in secure-execution mode.
|
is ignored in secure-execution mode.
|
||||||
|
|
||||||
|
@ -447,6 +449,7 @@ File in which
|
||||||
.B LD_DEBUG
|
.B LD_DEBUG
|
||||||
output should be written.
|
output should be written.
|
||||||
The default is standard error.
|
The default is standard error.
|
||||||
|
|
||||||
.B LD_DEBUG_OUTPUT
|
.B LD_DEBUG_OUTPUT
|
||||||
is ignored in secure-execution mode.
|
is ignored in secure-execution mode.
|
||||||
.TP
|
.TP
|
||||||
|
@ -460,6 +463,7 @@ allow weak symbols to be overridden (reverting to old glibc behavior).
|
||||||
.\" From: Ulrich Drepper <drepper at redhat dot com>
|
.\" From: Ulrich Drepper <drepper at redhat dot com>
|
||||||
.\" Date: 07 Jun 2000 20:08:12 -0700
|
.\" Date: 07 Jun 2000 20:08:12 -0700
|
||||||
.\" Reply-To: drepper at cygnus dot com (Ulrich Drepper)
|
.\" Reply-To: drepper at cygnus dot com (Ulrich Drepper)
|
||||||
|
|
||||||
Since glibc 2.3.4,
|
Since glibc 2.3.4,
|
||||||
.B LD_DYNAMIC_WEAK
|
.B LD_DYNAMIC_WEAK
|
||||||
is ignored in secure-execution mode.
|
is ignored in secure-execution mode.
|
||||||
|
@ -469,11 +473,12 @@ Mask for hardware capabilities.
|
||||||
.TP
|
.TP
|
||||||
.BR LD_ORIGIN_PATH " (since glibc 2.1)"
|
.BR LD_ORIGIN_PATH " (since glibc 2.1)"
|
||||||
Path where the binary is found.
|
Path where the binary is found.
|
||||||
|
.\" Used only if $ORIGIN can't be determined by normal means
|
||||||
|
.\" (from the origin path saved at load time, or from /proc/self/exe)?
|
||||||
|
|
||||||
Since glibc 2.4,
|
Since glibc 2.4,
|
||||||
.B LD_ORIGIN_PATH
|
.B LD_ORIGIN_PATH
|
||||||
is ignored in secure-execution mode.
|
is ignored in secure-execution mode.
|
||||||
.\" Used only if $ORIGIN can't be determined by normal means
|
|
||||||
.\" (from the origin path saved at load time, or from /proc/self/exe)?
|
|
||||||
.TP
|
.TP
|
||||||
.BR LD_POINTER_GUARD " (glibc from 2.4 to 2.22)"
|
.BR LD_POINTER_GUARD " (glibc from 2.4 to 2.22)"
|
||||||
Set to 0 to disable pointer guarding.
|
Set to 0 to disable pointer guarding.
|
||||||
|
@ -504,6 +509,7 @@ output should be written.
|
||||||
If this variable is not defined, or is defined as an empty string,
|
If this variable is not defined, or is defined as an empty string,
|
||||||
then the default is
|
then the default is
|
||||||
.IR /var/tmp .
|
.IR /var/tmp .
|
||||||
|
|
||||||
.B LD_PROFILE_OUTPUT
|
.B LD_PROFILE_OUTPUT
|
||||||
is ignored in secure-execution mode; instead
|
is ignored in secure-execution mode; instead
|
||||||
.IR /var/profile
|
.IR /var/profile
|
||||||
|
@ -513,6 +519,7 @@ is always used.
|
||||||
If this environment variable is defined (with any value),
|
If this environment variable is defined (with any value),
|
||||||
show the auxiliary array passed up from the kernel (see also
|
show the auxiliary array passed up from the kernel (see also
|
||||||
.BR getauxval (3)).
|
.BR getauxval (3)).
|
||||||
|
|
||||||
Since glibc 2.3.5,
|
Since glibc 2.3.5,
|
||||||
.B LD_SHOW_AUXV
|
.B LD_SHOW_AUXV
|
||||||
is ignored in secure-execution mode.
|
is ignored in secure-execution mode.
|
||||||
|
@ -545,6 +552,7 @@ If
|
||||||
.B LD_USE_LOAD_BIAS
|
.B LD_USE_LOAD_BIAS
|
||||||
is defined with the value 0,
|
is defined with the value 0,
|
||||||
neither executables nor PIEs will honor the base addresses.
|
neither executables nor PIEs will honor the base addresses.
|
||||||
|
|
||||||
This variable is ignored in secure-execution mode.
|
This variable is ignored in secure-execution mode.
|
||||||
.TP
|
.TP
|
||||||
.BR LD_VERBOSE " (since glibc 2.1)"
|
.BR LD_VERBOSE " (since glibc 2.1)"
|
||||||
|
@ -568,6 +576,7 @@ will first try to map executable pages using the
|
||||||
.BR MAP_32BIT
|
.BR MAP_32BIT
|
||||||
flag, and fall back to mapping without that flag if that attempt fails.
|
flag, and fall back to mapping without that flag if that attempt fails.
|
||||||
NB: MAP_32BIT will map to the low 2GB (not 4GB) of the address space.
|
NB: MAP_32BIT will map to the low 2GB (not 4GB) of the address space.
|
||||||
|
|
||||||
Because
|
Because
|
||||||
.B MAP_32BIT
|
.B MAP_32BIT
|
||||||
reduces the address range available for address space layout
|
reduces the address range available for address space layout
|
||||||
|
|
Loading…
Reference in New Issue