From owner-freebsd-bugs@FreeBSD.ORG  Wed Nov 24 02:04:35 2010
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 798CE1065670;
	Wed, 24 Nov 2010 02:04:35 +0000 (UTC)
	(envelope-from arundel@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 6A2F68FC1A;
	Wed, 24 Nov 2010 02:04:35 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oAO24Zax019100;
	Wed, 24 Nov 2010 02:04:35 GMT
	(envelope-from arundel@freefall.freebsd.org)
Received: (from arundel@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oAO24Y7j019096;
	Wed, 24 Nov 2010 02:04:34 GMT (envelope-from arundel)
Date: Wed, 24 Nov 2010 02:04:34 GMT
Message-Id: <201011240204.oAO24Y7j019096@freefall.freebsd.org>
To: lee@nerds.org.uk, arundel@FreeBSD.org, freebsd-bugs@FreeBSD.org
From: arundel@FreeBSD.org
Cc: 
Subject: Re: misc/41179: [request] LD_LIBRARY_PATH security checks
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Nov 2010 02:04:35 -0000

Synopsis: [request] LD_LIBRARY_PATH security checks

State-Changed-From-To: suspended->closed
State-Changed-By: arundel
State-Changed-When: Wed Nov 24 01:47:22 UTC 2010
State-Changed-Why: 
The situation described in this PR *only* applies to the root user. The purpose
of running any commands as uid=0 is to have no security checks in place.
If a regular user uses su(1) to gain root priviliges he should be aware that all
his enviremental settings (unless su(1) was invoked with the -l switch) will
*not* be discarded.
The idea of adding security checks to LD_LIBRARY_PATH similar to those in
ldconfig(8) was defenately a good idea, but since it never caught on i'll
close this. Also even OpenBSD - famous for it's security awareness - doesn't
seem to have incorporated this or a similar concept.

http://www.freebsd.org/cgi/query-pr.cgi?pr=41179