mirror of https://github.com/mkerrisk/man-pages
ld.so.8: Document LD_POINTER_GUARD
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
54eb262054
commit
7b0cacbb10
24
man8/ld.so.8
24
man8/ld.so.8
|
@ -256,18 +256,18 @@ For security reasons, since glibc 2.4,
|
|||
is ignored for set-user-ID/set-group-ID binaries.
|
||||
.\" Only used if $ORIGIN can't be determined by normal means
|
||||
.\" (from the origin path saved at load time, or from /proc/self/exe)?
|
||||
.\"
|
||||
.\" FIXME
|
||||
.\" Document LD_POINTER_GUARD
|
||||
.\" Since glibc 2.4
|
||||
.\" Set to 0 to disable pointer guarding
|
||||
.\" Any other value enables pointer guarding, which is also the default.
|
||||
.\" Pointer guarding is a security mechanism(?) to minimize the
|
||||
.\" the risk of having usable pointer in the event of a buffer overrun
|
||||
.\" or stack smashing attack(?).
|
||||
.\" http://article.gmane.org/gmane.comp.gdb.patches/41147/match=ld_pointer_guard
|
||||
.\" http://sourceware.org/ml/gdb-patches/2008-04/msg00252.html
|
||||
.\" http://www.cygwin.com/ml/libc-alpha/2006-01/msg00011.html
|
||||
.TP
|
||||
.B LD_POINTER_GUARD
|
||||
(glibc since 2.4)
|
||||
Set to 0 to disable pointer guarding.
|
||||
Any other value enables pointer guarding, which is also the default.
|
||||
Pointer guarding is a security mechanism whereby some pointers to code
|
||||
stored in writable program memory (return addresses saved by
|
||||
.BR setjmp (3)
|
||||
or function pointers used by various glibc internals) are mangled
|
||||
semi-randomly to make it more difficult for an attacker to hijack
|
||||
the pointers for use in the event of a buffer overrun or
|
||||
stack-smashing attack.
|
||||
.TP
|
||||
.B LD_PROFILE
|
||||
(glibc since 2.1)
|
||||
|
|
Loading…
Reference in New Issue