Bugtraq mailing list archives

LD_ hole (was Re: IFS hole?)

From: mcn () c3serve c3 lanl gov (Michael Neuman)
Date: Wed, 15 Dec 1993 13:18:14 -0700

From bugtraq-owner () crimelab crimelab com Tue Dec 14 23:51:50 1993

c) delete any environment varable that begins with LD_


  Most people have said this for obvious reasons, but the ld manpage says
that will not search anything (for suid binaries) other than the trusted
paths for dynamically linked libraries even if LD_LIBRARY_PATH is set. Is
this statement false? Is there a way around it? Is LD_PRELOAD_PATH documented
anywhere?:-)

Mike Neuman
mcn () lanl gov

Current thread:

LD_ hole (was Re: IFS hole?) Michael Neuman (Dec 15)
- Re: LD_ hole (was Re: IFS hole?) smb () research att com (Dec 15)
- Re: LD_ hole (was Re: IFS hole?) Rik Harris (Dec 15)
- The LD_* vars (was Re: LD_ hole) Justin Mason (Dec 16)
- <Possible follow-ups>
- Re: LD_ hole (was Re: IFS hole?) Howie Kaye (Dec 15)