Re: /dev/tcp, and a LD_LIBRARY_PATH question.

[Todd.Miller () cs colorado edu (Todd C. Miller)]

In message <9412060851.AA27261 () al mrc-lmb cam ac uk>
        so spake Bonfield James (jkb):

> Doug Hughes wrote:
>
> > If I recall correctly, (I could be wrong), was the original discussion
> > about sudo? If so, why not statically link it? (I'm not discounting
> > the importance of the LD_* problem).
>
> This is not the problem. For setuid programs the LD_* variables will be
> ignored. This ought to be true on all systems (although a very early release
> (BL10 I think) of DEC OSF/1 had this bug). The check is done by looking at
> real and effective uids (and gids) to see whether they're the same.
>
> However the problem arises when the program sets the two uids to be the same
> and then executes another program. In this case the LD_* problem will exist
> again as the child process will pass the above test. This caused problems for
>
> sudo, login -p, su, lpr, sendmail (programs in .forward files) and probably
> more. As I recall SunOS4.1.3 fixed this - presumably by removing the LD_*
> variables when the test above fail, although I haven't checked this.

Exactly.  However, current versions of sudo remove LD_* (and equivalents on
different OS's).  The lastest sudo may always be found on ftp.cs.colorado.edu
as /pub/sysadmin/utilities/cu-sudo*.Z.  The current version is 1.3.1pl4,
pl5 will be out as soon as I have time to clean up a few things.

 - todd