mirror of https://github.com/mkerrisk/man-pages
ld.so.8: Describe secure-execution mode
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
614e5d137a
commit
9894eac316
26
man8/ld.so.8
26
man8/ld.so.8
|
@ -175,6 +175,31 @@ Use objects named in
|
|||
.I list
|
||||
as auditors.
|
||||
.SH ENVIRONMENT
|
||||
Various environment variable influence the operation of the dynamic linker.
|
||||
.\"
|
||||
.SS Secure-execution mode
|
||||
For security reasons,
|
||||
the effects of some environment variables are voided or modified if
|
||||
the dynamic linker determines that the binary should be
|
||||
run in secure-execution mode.
|
||||
This determination is made by checking whether the
|
||||
.B AT_SECURE
|
||||
entry in the auxiliary vector (see
|
||||
.BR getauxval (3))
|
||||
has a nonzero value.
|
||||
This entry may have a nonzero value for various reasons, including:
|
||||
.IP * 3
|
||||
The process's real and effective user IDs differ,
|
||||
or the real and effective group IDs differ.
|
||||
This typically occurs as a result of executing
|
||||
a set-user-ID or set-group-ID program.
|
||||
.IP *
|
||||
A process with a non-root user ID executed a binary that
|
||||
conferred permitted or effective capabilities.
|
||||
.IP *
|
||||
A nonzero value may have been set by a Linux Security Module.
|
||||
.\"
|
||||
.SS Environment variables
|
||||
Among the more important environment variables are the following:
|
||||
.TP
|
||||
.B LD_ASSUME_KERNEL
|
||||
|
@ -519,6 +544,7 @@ mtrr, pat, pbe, pge, pn, pse36, sep, ss, sse, sse2, tm
|
|||
.BR sprof (1),
|
||||
.BR dlopen (3),
|
||||
.BR getauxval (3),
|
||||
.BR capabilities (7),
|
||||
.BR rtld-audit (7),
|
||||
.BR ldconfig (8),
|
||||
.BR sln (8)
|
||||
|
|
Loading…
Reference in New Issue