Date: Mon, 23 Oct 1995 20:45:55 -0600 From: Nate Williams <nate@rocky.sri.MT.net> To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> Cc: "Justin T. Gibbs" <gibbs@freefall.freebsd.org>, ache@freefall.freebsd.org, freebsd-hackers@freebsd.org Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs Message-ID: <199510240245.UAA24602@rocky.sri.MT.net> In-Reply-To: <Dah73Zm0GT@ache.dialup.demos.ru> References: <199510240014.RAA21318@aslan.cdrom.com> <Dah73Zm0GT@ache.dialup.demos.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> >>>UN*X systems have clasically given you a shotgun powerfull enough > >>>to blow your foot off. If you are knowledgeable enough to use > >>>LD_NOSTD_PATH, then you should know its effects. Since it is not > >>>a security problem, I don't think it should be removed (as I said > >>>in other mail on this subject). I agree, and it appears that David and John P. are also in agreement. > >>Well, but already existen shell scripts, i.e. admin things knows > >>nothing about possibility of failing via LD_NOSTD_PATH. > >>I.e. when they calls "su -c ..." they assume that this command > >>NOT fails. They even disable ^C somethimes to be shure. > >>But LD_NOSTD_PATH as very recent addition and I see no one > >>script which care of it. Since it is a very recent addition, as Justin pointed out that if they are knowledgable enough to use it, they should know how to use it. > >But anyone who sets LD_NOSTD_PATH will not be able to run *anything* > >shared unless the have a sane LD_LIBRARY_PATH. Actually, it still won't work because setuid/setgid programs (correctly) unsets LD_LIBRARY_PATH. > This is not a > >shell script only problem and I don't think the change is appropriate. > > Well, we have a lot static utils, i.e. whole /bin, /sbin and > few from other places. They still works in this situation. > Moreover, current shared shell works too, it is already in memory. One, I find it hard to believe a program will work because it's in memory even though the shlibs can't be found, and secondly any script that needs to know that the programs it calls are linked static/shared is completely unportable. If you can't give a specific and useful example of *why* it's a good reason to do, I'm backing out the change with the speedup changes I'll be committing as soon as my tests complete. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199510240245.UAA24602>