SunOS and shared libraries, security aspects

Lyndon Nerenberg lyndon at cs.athabascau.ca
Wed Sep 12 03:43:08 AEST 1990


jkp at cs.HUT.FI (Jyrki Kuoppala) writes:

>So, anyone see somthing wrong with the solution: We write a kludged
>setuid() to unsetenv LD_LIBRARY_PATH and distribute it with
>instructions of how to install it in your machine's shared library.
>We also find out which staticcally-linked programs have the problem
>and instruct users to recompile them and distribute fixed binaries for
>binary-only users.

Yes. A kludge is a kludge, and should be avoided at all costs. What we
really need is an option to ldconfig that allows the system administrator
to specify path components in LD_LIBRARY_PATH that will be honoured by
setuid programs. Or perhaps the option should just hardwire a value
for LD_LIBRARY_PATH that's used by setuid programs. The latter isn't quite
as nice a solution, though (IMHO).

Something like:

  ldconfig [ directory ... ] [ [ -T directory ] ... ]

where the -T flag is used to specify directories that are "trusted" in the
sense that they would be searched by ld when running a setuid program.

-- 
    Lyndon Nerenberg  VE6BBM / Computing Services / Athabasca University
        {alberta,cbmvax,mips}!atha!lyndon || lyndon at cs.athabascau.ca

      The only thing open about OSF is their mouth.  --Chuck Musciano



More information about the Comp.unix.internals mailing list