[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: exec and EXECSERVERS

From: Thomas Bushnell, BSG
Subject: Re: exec and EXECSERVERS
Date: 20 Dec 2002 15:53:12 -0800
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Roland McGrath <roland@gnu.org> writes:

> > > In Unix, if I run setuid program foo, and foo runs program bar, then
> > > the dynamic loader, noticing that ruid!=euid, will ignore LD_PRELOAD,
> > > etc., when loading bar.  (Right?)  This is because LD_PRELOAD is under
> > > the control of a user different from the one whose privileges we have
> > > now.  Isn't the same true for the Hurd?
> > 
> > Well, we don't have LD_PRELOAD. :)
> Yes, we do, and yes, it behaves just the same.  Same goes for LD_LIBRARY_PATH
> and other such things.

I thought there was some special Linux widget in the dynamic loader
that we don't support.  Maybe that's just long gone.

Anyhow, the point is a good one with respect to environment variables,
and perhaps we should enable EXECSERVERS with the suggested tweak,
that it is off for secure exec and for euid!=ruid.

Alternatively, perhaps we should have *all* cases of euid!=ruid turn
on the secure exec flag.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]