From patchwork Sat Dec 6 13:19:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vivien Kraus X-Patchwork-Id: 126034 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from vm01.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 7196848EFFB1 for ; Sat, 6 Dec 2025 13:23:48 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7196848EFFB1 Authentication-Results: sourceware.org; dkim=pass (2048-bit key, secure) header.d=planete-kraus.eu header.i=@planete-kraus.eu header.a=rsa-sha1 header.s=albinoniA header.b=0XxnEPdv X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from planete-kraus.eu (planete-kraus.eu [89.234.140.182]) by sourceware.org (Postfix) with ESMTPS id AB06D48EFFA8 for ; Sat, 6 Dec 2025 13:22:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org AB06D48EFFA8 Authentication-Results: sourceware.org; dmarc=pass (p=reject dis=none) header.from=planete-kraus.eu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=planete-kraus.eu ARC-Filter: OpenARC Filter v1.0.0 sourceware.org AB06D48EFFA8 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=89.234.140.182 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1765027352; cv=none; b=pFtNQqg0KKqRdi9ktv6Tmy9HbtuZfJWhgt4wG8u4dKnv+CUttROBnNNmeRyeKjrEwt8ZGzuwCguVK0v+egMAT15wulReOt3hoFOgDxPSv3TAvt4fHD0aPSi6kVdv3gqfTQm7Gkgo17Mr8EuefB3dJh7SPBhy3jO5yhqpL8XSSwM= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1765027352; c=relaxed/simple; bh=9hI8lKgdHd54FFOfWWfaCrZrdl22mXhOaVnWuFu8rIs=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=e+i1/TOk+Uv4FPuxVauS0IXnl8Ttp1GQarphifYYenEPfW5q46/q4VbwVEqM15gPTVdJsrbaShMMjTyv93O1hBiLcXRbye4QIPn8r5ESQ9uhoeH/nHg1MTNbebLs5tbhYgPtmX0Gl8zkL/36Tx5j/4b74ityJFyRcYrNb4EbGdQ= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org AB06D48EFFA8 Received: from planete-kraus.eu (localhost [127.0.0.1]) by planete-kraus.eu (OpenSMTPD) with ESMTP id b9a46d85; Sat, 6 Dec 2025 13:22:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=from :to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=albinoniA; bh=I1rKHMS oBltO2sIpG9M1Jy7JGy0=; b=0XxnEPdvU96RdhUQ4AHl5vMzNjJUXjSNtqx+peZ ALJ7mQaFA8tmuuQMjKLk9fnnZFSPDpL9IHA4tX4fbi0mqzUa6D6fsoDxu0V0NNPV PDs7UoUmhMK8pQqMzEIPFMjGgVZchhb4Htj4/Ad8SpHVFtsTD0vryj2FxUvUGChu jyJeJKHEX1qu8inSQLA0Qauz+shcVoLUX4aSN8qVIWuITh7TJUQ3wvqP2X7RZMrD XonBi7fJ8phVTSNyClZojdmLDXcx/DJgI8arzRf4OEXqEoZgJYx4Gxo60meBjg47 FdYf8jE8w5IM9ofwekHSBgtJx2hRnnD/ow8Z0WO/2jR2maQ== Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id d31516d0 (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Sat, 6 Dec 2025 13:22:30 +0000 (UTC) From: Vivien Kraus To: libc-alpha@sourceware.org, adhemerval.zanella@linaro.org Cc: Vivien Kraus Subject: [PATCH v19 05/11] posix: do not allow option name translations for secure programs Date: Sat, 6 Dec 2025 14:19:12 +0100 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: <68a758ae45c064bad35bfec73c3d5ffd050398e3.1748369494.git.vivien@planete-kraus.eu> MIME-Version: 1.0 X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, JMQ_SPF_NEUTRAL, RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS, SPF_PASS, TXREP, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org SETUID / SETGID / AT_SECURE programs should not accept translated names, so that the programmer knows exactly how the program can be invoked. --- posix/getopt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/posix/getopt.c b/posix/getopt.c index e27c0f53ab..ba2a703174 100644 --- a/posix/getopt.c +++ b/posix/getopt.c @@ -199,7 +199,7 @@ match_translated_option_name (char *(*translate) (const char *, const char *, const char *translated = opt_name; char *translation_buffer = NULL; int matches = 0; - if (translate != NULL) + if (translate != NULL && !__libc_enable_secure) translated = translate (opt_textdomain, translation_context, opt_name, &translation_buffer); matches = (!strncmp (translated, argument, argument_length)