Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"

This reverts commit bff3b0f16c.

Reason for revert: Accidentally drops EXTRA_UNSECURE_ENVVARS support.

elf/dl-support.c

@@ -272,6 +272,8 @@ _dl_non_dynamic_init (void)
   _dl_main_map.l_phdr = GL(dl_phdr);
   _dl_main_map.l_phnum = GL(dl_phnum);
 
+  _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
+
   /* Set up the data structures for the system-supplied DSO early,
      so they can influence _dl_init_paths.  */
   setup_vdso (NULL, NULL);
@@ -279,27 +281,6 @@ _dl_non_dynamic_init (void)
   /* With vDSO setup we can initialize the function pointers.  */
   setup_vdso_pointers ();
 
-  if (__libc_enable_secure)
-    {
-      static const char unsecure_envvars[] =
-	UNSECURE_ENVVARS
-	;
-      const char *cp = unsecure_envvars;
-
-      while (cp < unsecure_envvars + sizeof (unsecure_envvars))
-	{
-	  __unsetenv (cp);
-	  cp = strchr (cp, '\0') + 1;
-	}
-
-#if !HAVE_TUNABLES
-      if (__access ("/etc/suid-debug", F_OK) != 0)
-	__unsetenv ("MALLOC_CHECK_");
-#endif
-    }
-
-  _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
-
   /* Initialize the data structures for the search paths for shared
      objects.  */
   _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
@@ -321,6 +302,28 @@ _dl_non_dynamic_init (void)
     _dl_profile_output
       = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0];
 
+  if (__libc_enable_secure)
+    {
+      static const char unsecure_envvars[] =
+	UNSECURE_ENVVARS
+#ifdef EXTRA_UNSECURE_ENVVARS
+	EXTRA_UNSECURE_ENVVARS
+#endif
+	;
+      const char *cp = unsecure_envvars;
+
+      while (cp < unsecure_envvars + sizeof (unsecure_envvars))
+	{
+	  __unsetenv (cp);
+	  cp = (const char *) __rawmemchr (cp, '\0') + 1;
+	}
+
+#if !HAVE_TUNABLES
+      if (__access ("/etc/suid-debug", F_OK) != 0)
+	__unsetenv ("MALLOC_CHECK_");
+#endif
+    }
+
 #ifdef DL_PLATFORM_INIT
   DL_PLATFORM_INIT;
 #endif