Date: Tue, 21 Oct 1997 09:06:48 -0700 From: John Polstra <jdp@polstra.com> To: dec@phoenix.its.rpi.edu Cc: hackers@freebsd.org Subject: Re: FreeBSD authentication... Message-ID: <199710211606.JAA16013@austin.polstra.com> In-Reply-To: <Pine.BSF.3.96.971018102700.27956A-100000@phoenix.its.rpi.edu> References: <Pine.BSF.3.96.971018102700.27956A-100000@phoenix.its.rpi.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.BSF.3.96.971018102700.27956A-100000@phoenix.its.rpi.edu>, David E. Cross <dec@phoenix.its.rpi.edu> wrote: > (Since they are implimented as shared libraries, that you link in as > needed, would we need to rewrite ld.so a bit to ensure that people > couldn't set their LD_LIBRARY_PATH, and then run su to get full root > acces, sans password?) The dynamic linker ignores LD_LIBRARY_PATH when running setuid or setgid. John -- John Polstra jdp@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Self-knowledge is always bad news." -- John Barth
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710211606.JAA16013>