diff -Nru glibc-2.3.3.old/elf/rtld.c glibc-2.3.3/elf/rtld.c
--- glibc-2.3.3.old/elf/rtld.c	2004-09-16 15:02:16.000000000 -0400
+++ glibc-2.3.3/elf/rtld.c	2004-09-16 15:04:58.000000000 -0400
@@ -2041,6 +2041,30 @@
   GLRO(dl_profile_output)
     = &"/var/tmp\0/var/profile"[INTUSE(__libc_enable_secure) ? 9 : 0];
 
+  /* Extra security for SUID binaries.  Remove all dangerous environment
+     variables.  */
+  if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
+    {
+      static const char unsecure_envvars[] =
+#ifdef EXTRA_UNSECURE_ENVVARS
+	EXTRA_UNSECURE_ENVVARS
+#endif
+	UNSECURE_ENVVARS;
+      const char *nextp;
+
+      nextp = unsecure_envvars;
+      do
+	{
+	  unsetenv (nextp);
+	  /* We could use rawmemchr but this need not be fast.  */
+	  nextp = (char *) (strchr) (nextp, '\0') + 1;
+	}
+      while (*nextp != '\0');
+
+      if (__access ("/etc/suid-debug", F_OK) != 0)
+	unsetenv ("MALLOC_CHECK_");
+    }
+
   while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)
     {
       size_t len = 0;
@@ -2188,33 +2212,10 @@
   /* The caller wants this information.  */
   *modep = mode;
 
-  /* Extra security for SUID binaries.  Remove all dangerous environment
-     variables.  */
-  if (__builtin_expect (INTUSE(__libc_enable_secure), 0))
-    {
-      static const char unsecure_envvars[] =
-#ifdef EXTRA_UNSECURE_ENVVARS
-	EXTRA_UNSECURE_ENVVARS
-#endif
-	UNSECURE_ENVVARS;
-      const char *nextp;
-
-      nextp = unsecure_envvars;
-      do
-	{
-	  unsetenv (nextp);
-	  /* We could use rawmemchr but this need not be fast.  */
-	  nextp = (char *) (strchr) (nextp, '\0') + 1;
-	}
-      while (*nextp != '\0');
-
-      if (__access ("/etc/suid-debug", F_OK) != 0)
-	unsetenv ("MALLOC_CHECK_");
-    }
   /* If we have to run the dynamic linker in debugging mode and the
      LD_DEBUG_OUTPUT environment variable is given, we write the debug
      messages to this file.  */
-  else if (any_debug && debug_output != NULL)
+  if (any_debug && debug_output != NULL)
     {
 #ifdef O_NOFOLLOW
       const int flags = O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW;
diff -Nru glibc-2.3.3.old/malloc/malloc.c glibc-2.3.3/malloc/malloc.c
--- glibc-2.3.3.old/malloc/malloc.c	2004-09-16 15:03:22.000000000 -0400
+++ glibc-2.3.3/malloc/malloc.c	2004-09-16 15:04:58.000000000 -0400
@@ -321,6 +321,10 @@
 #define assert(x) ((void)0)
 #endif
 
+#include <abort-instr.h>
+#ifndef ABORT_INSTRUCTION
+#define ABORT_INSTRUCTION
+#endif
 
 /*
   INTERNAL_SIZE_T is the word-size used for internal bookkeeping
diff -Nru glibc-2.3.3.old/sysdeps/generic/unsecvars.h glibc-2.3.3/sysdeps/generic/unsecvars.h
--- glibc-2.3.3.old/sysdeps/generic/unsecvars.h	2004-09-16 15:03:11.000000000 -0400
+++ glibc-2.3.3/sysdeps/generic/unsecvars.h	2004-09-16 15:04:58.000000000 -0400
@@ -3,6 +3,8 @@
    with a '\0' explicitly.  */
 #define UNSECURE_ENVVARS \
   "LD_PRELOAD\0"							      \
+  "LD_DEBUG\0"								      \
+  "LD_TRACE_PRELINKING\0"							      \
   "LD_LIBRARY_PATH\0"							      \
   "LD_ORIGIN_PATH\0"							      \
   "LD_DEBUG_OUTPUT\0"							      \