From owner-freebsd-hackers  Mon Oct 23 21:14:58 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id VAA03804
          for hackers-outgoing; Mon, 23 Oct 1995 21:14:58 -0700
Received: from rocky.sri.MT.net (sri.MT.net [204.94.231.129])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id VAA03756
          for <freebsd-hackers@freebsd.org>; Mon, 23 Oct 1995 21:14:31 -0700
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id WAA24786; Mon, 23 Oct 1995 22:16:21 -0600
Date: Mon, 23 Oct 1995 22:16:21 -0600
From: Nate Williams <nate@rocky.sri.MT.net>
Message-Id: <199510240416.WAA24786@rocky.sri.MT.net>
To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
Cc: Nate Williams <nate@rocky.sri.MT.net>, ache@freefall.freebsd.org,
        freebsd-hackers@freebsd.org,
        "Justin T. Gibbs" <gibbs@freefall.freebsd.org>
Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs
In-Reply-To: <Woch5Zm4S1@ache.dialup.demos.ru>
References: <199510240014.RAA21318@aslan.cdrom.com>
	<Dah73Zm0GT@ache.dialup.demos.ru>
	<199510240245.UAA24602@rocky.sri.MT.net>
	<Woch5Zm4S1@ache.dialup.demos.ru>
Sender: owner-hackers@freebsd.org
Precedence: bulk

> In message <199510240245.UAA24602@rocky.sri.MT.net> Nate Williams
>     writes:
> 
> >I agree, and it appears that David and John P. are also in agreement.
> 
> Well, I and Terry in agreement :-)

No, Terry and you are in disagreement.  Read again what he wrote.
Because FreeBSD's handling of the code is broken, then your fix is also
broken.

> >One, I find it hard to believe a program will work because it's in
> >memory even though the shlibs can't be found, and secondly any script
> 
> Want experiment? Well. Start tcsh (it is dynamic). Then
> remove ld.so.hints or use ldconfig -s. You still can prefectly
> works in shell, but all share binaries dumps core.
> Don't forget to reboot after.

Depending on this is a *very* bad thing.

> >that needs to know that the programs it calls are linked static/shared
> >is completely unportable.
> 
> I agree. As I already mention, all previously existen and working secure
> shell scripts becomes completely unportable, if my fix not be commited.

I disagree, but anyway...
,
> >If you can't give a specific and useful example of *why* it's a good
> >reason to do, I'm backing out the change with the speedup changes I'll
> >be committing as soon as my tests complete.
> 
> Well, I send this script already two times. Want yet once?

I don't think you're 'script' is at all convincing, at least not to me.
In any case it appears the consensus is to remove this feature from use,
which I also agree would be a good thing.


Nate