Date: Tue, 24 Oct 1995 03:46:31 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: "Justin T. Gibbs" <gibbs@freefall.freebsd.org> Cc: ache@freefall.freebsd.org, freebsd-hackers@freebsd.org, John Polstra <jdp@polstra.com> Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs Message-ID: <HadT3ZmmMT@ache.dialup.demos.ru> In-Reply-To: <199510240031.RAA21409@aslan.cdrom.com>; from "Justin T. Gibbs" at Mon, 23 Oct 1995 17:31:23 -0700 References: <199510240031.RAA21409@aslan.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199510240031.RAA21409@aslan.cdrom.com> Justin T. Gibbs writes: >>>But anyone who sets LD_NOSTD_PATH will not be able to run *anything* >>>shared unless the have a sane LD_LIBRARY_PATH. This is not a >>>shell script only problem and I don't think the change is appropriate. >> >>Well, we have a lot static utils, i.e. whole /bin, /sbin and >>few from other places. They still works in this situation. >>Moreover, current shared shell works too, it is already in memory. >Bogus argument in my opinion. The people who are going to use >LD_NOSTD_PATH will know its effects. If you still want to argue >about this, fine, but I'd like to put this issue to a vote. Yes, it can be used by intruder for hackers purposes, if he examine previously what script does. Ok with me, lets put this issue to a vote. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HadT3ZmmMT>