Date: Tue, 24 Oct 1995 02:58:52 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: "Justin T. Gibbs" <gibbs@freefall.freebsd.org> Cc: ache@freefall.freebsd.org, freebsd-hackers@freebsd.org, John Polstra <jdp@polstra.com> Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs Message-ID: <Gaym2Zmq8S@ache.dialup.demos.ru> In-Reply-To: <199510232319.QAA21109@aslan.cdrom.com>; from "Justin T. Gibbs" at Mon, 23 Oct 1995 16:19:58 -0700 References: <199510232319.QAA21109@aslan.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199510232319.QAA21109@aslan.cdrom.com> Justin T. Gibbs writes: >UN*X systems have clasically given you a shotgun powerfull enough >to blow your foot off. If you are knowledgeable enough to use >LD_NOSTD_PATH, then you should know its effects. Since it is not >a security problem, I don't think it should be removed (as I said >in other mail on this subject). Well, but already existen shell scripts, i.e. admin things knows nothing about possibility of failing via LD_NOSTD_PATH. I.e. when they calls "su -c ..." they assume that this command NOT fails. They even disable ^C somethimes to be shure. But LD_NOSTD_PATH as very recent addition and I see no one script which care of it. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Gaym2Zmq8S>