From owner-freebsd-hackers  Mon Oct 23 17:41:14 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id RAA12869
          for hackers-outgoing; Mon, 23 Oct 1995 17:41:14 -0700
Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id RAA12860
          for <freebsd-hackers@FreeBSD.ORG>; Mon, 23 Oct 1995 17:41:10 -0700
Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id RAA12297; Mon, 23 Oct 1995 17:33:21 -0700
From: Terry Lambert <terry@lambert.org>
Message-Id: <199510240033.RAA12297@phaeton.artisoft.com>
Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs
To: gibbs@freefall.freebsd.org (Justin T. Gibbs)
Date: Mon, 23 Oct 1995 17:33:20 -0700 (MST)
Cc: ache@astral.msk.su, gibbs@freefall.freebsd.org, ache@freefall.freebsd.org,
        freebsd-hackers@FreeBSD.ORG, jdp@polstra.com
In-Reply-To: <199510240031.RAA21409@aslan.cdrom.com> from "Justin T. Gibbs" at Oct 23, 95 05:31:23 pm
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1314      
Sender: owner-hackers@FreeBSD.ORG
Precedence: bulk

> >>But anyone who sets LD_NOSTD_PATH will not be able to run *anything*
> >>shared unless the have a sane LD_LIBRARY_PATH.  This is not a 
> >>shell script only problem and I don't think the change is appropriate.
> >
> >Well, we have a lot static utils, i.e. whole /bin, /sbin and
> >few from other places. They still works in this situation.
> >Moreover, current shared shell works too, it is already in memory.
> 
> Bogus argument in my opinion.  The people who are going to use
> LD_NOSTD_PATH will know its effects.  If you still want to argue
> about this, fine, but I'd like to put this issue to a vote.

Sun can use LD_NOSTD_PATH because all it does is turn off the search
path from ldconfig.

When you compile a binary with a shared lib on SunOS, it remembers the
path of the library it actually linked with.

I thought FreeBSD did this as well?

The point is to prevent a hack of ldconfig or the database from being
a security problem (even if it's just a Trojan used for the hack).

If FreeBSD "does the right thing" when the library path searching is
disabled (ie: "knows" the path used on the link), then LD_NOSTD_PATH
is a valid change.  Otherwise, it is not.


					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.