bug-glibc
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: setuid binaries lose their LD_RUN_PATH settings when LD_LIBRA RY_P A


From: Justin Hahn
Subject: RE: setuid binaries lose their LD_RUN_PATH settings when LD_LIBRA RY_P ATH is set
Date: Fri, 10 Aug 2001 09:15:52 -0400

> LD_LIBRARY_PATH is dropped for setuid applications out of security
> reasons.

Right, I understand and highly approve of that. However, it shouldn't strip
off the value that LD_RUN_PATH had at compile time. And it normally doesn't
if LD_LIBRARY_PATH and LD_RUN_PATH have no common elements.
 
> But you - as system admin - can add the dir to /etc/ld.so.conf and
> rerun ldconfig.  That way you don't need to set LD_LIBRARY_PATH at
> all.

That doesn't always work. For example, if /usr/local/lib is a symlink farm
ldconfig (wisely!) won't add them to the cache. However, in the case that
LD_RUN_PATH is explicitly set to include some directory at compile time and
LD_LIBRARY_PATH includes that directory as well and the binary is setuid
then linking fails. However, LD_RUN_PATH as I understand it is supposed to
be given the same sort of precedence as the values in ld.so.conf - i.e. they
are supposed to be safe. 

In any case, I think Ulrich knows what's happening. Hopefuly he can fix it.


--jeh



reply via email to

[Prev in Thread] Current Thread [Next in Thread]