LD_ hole (was Re: IFS hole?)

Michael Neuman (mcn@c3serve.c3.lanl.gov)
Wed, 15 Dec 1993 13:18:14 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Greg Woods: "Re: IFS hole?"
Previous message: henry strickland: "Re: IFS hole?"
Next in thread: smb@research.att.com: "Re: LD_ hole (was Re: IFS hole?)"

> From bugtraq-owner@crimelab.crimelab.com Tue Dec 14 23:51:50 1993

> c) delete any environment varable that begins with LD_

  Most people have said this for obvious reasons, but the ld manpage says
that will not search anything (for suid binaries) other than the trusted
paths for dynamically linked libraries even if LD_LIBRARY_PATH is set. Is
this statement false? Is there a way around it? Is LD_PRELOAD_PATH documented
anywhere? :-)

Mike Neuman
mcn@lanl.gov

Next message: Greg Woods: "Re: IFS hole?"
Previous message: henry strickland: "Re: IFS hole?"
Next in thread: smb@research.att.com: "Re: LD_ hole (was Re: IFS hole?)"