Date: Tue, 24 Oct 1995 02:55:24 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: Nate Williams <nate@rocky.sri.MT.net> Cc: ache@freefall.freebsd.org, freebsd-hackers@freebsd.org, John Polstra <jdp@polstra.com> Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs Message-ID: <Faij2Zmq8S@ache.dialup.demos.ru> In-Reply-To: <199510232318.RAA24039@rocky.sri.MT.net>; from Nate Williams at Mon, 23 Oct 1995 17:18:23 -0600 References: <m0t7SFB-000078C@seattle.polstra.com> <Aagc1ZmOzJ@ache.dialup.demos.ru> <199510232318.RAA24039@rocky.sri.MT.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199510232318.RAA24039@rocky.sri.MT.net> Nate Williams
writes:
>> >Can you see a security reason for disabling LD_NOSTD_PATH for suid/sgid
>> >programs? If not, I think that the recent change should be removed from
>> >rtld.c.
>>
>> In this case I keep in mind some shell script execution which calls
>> setuid programs. By setiing LD_NOSTD_PATH user allows such
>> programs easily fails, it is clear.
>Why should a program which calls setuid programs fail in the first
>place? If they are calling a setuid program it will still only look in
>the 'normal' places for shlibs, which means they are safe.
If user set LD_NOSTD_PATH it *NOT* look for normal places anymore.
--
Andrey A. Chernov : And I rest so composedly, /Now, in my bed,
ache@astral.msk.su : That any beholder /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead.
RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Faij2Zmq8S>