From patchwork Tue Jan 27 19:18:10 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vivien Kraus X-Patchwork-Id: 129064 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from vm01.sourceware.org (localhost [127.0.0.1]) by sourceware.org (Postfix) with ESMTP id B462A4BA2E36 for ; Tue, 27 Jan 2026 19:24:36 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B462A4BA2E36 Authentication-Results: sourceware.org; dkim=pass (2048-bit key, secure) header.d=planete-kraus.eu header.i=@planete-kraus.eu header.a=rsa-sha1 header.s=albinoniB header.b=sR2oyyBn X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from planete-kraus.eu (planete-kraus.eu [89.234.140.182]) by sourceware.org (Postfix) with ESMTPS id C9BFF4BA9024 for ; Tue, 27 Jan 2026 19:23:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C9BFF4BA9024 Authentication-Results: sourceware.org; dmarc=pass (p=reject dis=none) header.from=planete-kraus.eu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=planete-kraus.eu ARC-Filter: OpenARC Filter v1.0.0 sourceware.org C9BFF4BA9024 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=89.234.140.182 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1769541811; cv=none; b=XVKRvYdZczQzwbfw9V2BSCWrG7ND+6yuoRQ0l/8vTPpKOFVH2ssDREOyNCMK7MYi9bCoSG3f9tSlbwBR/FOHHjxXpHVLOE/DJxNJEDxcUzx6GvxLaO2G1WgnpHOik+svZgN5Y9W9RgastVZ7jlDGNb2XK7e7M4FMzMVIA6dFh0s= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1769541811; c=relaxed/simple; bh=uIlnIFodbmyG+dJ7vr37VBkXXzD5/Rk7WfkXFuDHvhM=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=PClVX6zTix4ww1A3K1Aojl+QJCnNVjxibRJxQS31OnMu762W1SxsOLusB5nqIMM26b+qXJbR3VP7dClylXyPTaGgEAbGzgti92aNaC3FSFFzxJdkLDIHmOZY7MDIqbpOD62gLTPxC5ZwYfSUcafn1LYbQCbXYQ9Ga4aCZpsscIQ= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org C9BFF4BA9024 Received: from planete-kraus.eu (localhost [127.0.0.1]) by planete-kraus.eu (OpenSMTPD) with ESMTP id a91cc875; Tue, 27 Jan 2026 19:23:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=from :to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=albinoniB; bh=/6WX7gF FzueUGHq9yqEYVFS6Hys=; b=sR2oyyBnDDPFaxO+FsmHtAcLsjRU7oKWSiSRXzS /LRO5SighO39kf7FpR7tsDBzSjjKkeQxxCoZanwBdt3XEgOzvSv5YnXsHc+QW1kc p2o/OyxGiQBAKxvckgA9VgQoqARzWbF5iNi8l+6V2+s6rNWR7G0lUCSwoJkUhSTd 5y3b2nWKLMiY2lw148K0VEza4Y5or1JsmgNUdVudMrrbCy6xeyTTjFznmRCVqDT7 kxY7HaXWHpi9GrmLcFbqc2qSJidf3r62W2Oe5P2BPGOB0cPAAttntkymda1mqomv FPmfob5spa0IL/D+yywzLpdpl06ETgLijhKmYsgYC46w2CQ== Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id effbf067 (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Tue, 27 Jan 2026 19:23:21 +0000 (UTC) From: Vivien Kraus To: libc-alpha@sourceware.org, adhemerval.zanella@linaro.org Cc: Vivien Kraus Subject: [PATCH v20 05/11] posix: do not allow option name translations for secure programs Date: Tue, 27 Jan 2026 20:18:10 +0100 Message-Id: <5cccc8dd552778e8bcd2a668e6a033fa83e6be64.1769539987.git.vivien@planete-kraus.eu> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: <68a758ae45c064bad35bfec73c3d5ffd050398e3.1748369494.git.vivien@planete-kraus.eu> MIME-Version: 1.0 X-Spam-Status: No, score=-12.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, JMQ_SPF_NEUTRAL, RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS, SPF_PASS, TXREP, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org SETUID / SETGID / AT_SECURE programs should not accept translated names, so that the programmer knows exactly how the program can be invoked. --- posix/getopt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/posix/getopt.c b/posix/getopt.c index 82f0968f8e..aec2bbd48a 100644 --- a/posix/getopt.c +++ b/posix/getopt.c @@ -199,7 +199,7 @@ match_translated_option_name (char *(*translate) (const char *, const char *, const char *translated = opt_name; char *translation_buffer = NULL; bool matches = false; - if (translate != NULL) + if (translate != NULL && !__libc_enable_secure) translated = translate (opt_textdomain, translation_context, opt_name, &translation_buffer);