# http://sourceware.org/ml/libc-hacker/2010-12/msg00001.html
# new fix for http://seclists.org/fulldisclosure/2010/Oct/257

2010-12-09  Andreas Schwab  <schwab@redhat.com>

	* elf/dl-object.c (_dl_new_object): Ignore origin of privileged
	program.
---
 elf/dl-object.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/elf/dl-object.c b/elf/dl-object.c
index 5d15ce1..a34e902 100644
--- a/elf/dl-object.c
+++ b/elf/dl-object.c
@@ -220,6 +220,9 @@ _dl_new_object (char *realname, const char *libname, int type,
     out:
       new->l_origin = origin;
     }
+  else if (INTUSE(__libc_enable_secure) && type == lt_executable)
+    /* The origin of a privileged program cannot be trusted.  */
+    new->l_origin = (char *) -1;
 
   return new;
 }