Re: Unfortunate dynamic linking for everything

From: David Schultz <das_at_FreeBSD.ORG>
Date: Tue, 18 Nov 2003 20:07:25 -0800
On Tue, Nov 18, 2003, Scott Long wrote:
> > The additional hole of exploiting the system through the shared libs
> > is a negative tradeoff.
> 
> Exploits in libraries happen though.  The LD_LIBRARY_PATH attack is an old
> one that most Unixes are hopefully hardened against.

FreeBSD had a lingering LD_LIBRARY_PATH-related vulnerability
until Sunday, actually[1].  ;-)  But I don't mean to dispute your
point.  Like most of the other arguments in this bikeshed, there
is nothing fundamental about the LD_LIBRARY_PATH problem---nothing
that can't be fixed easily.


[1] The bug is either that nologin(8) respected LD_LIBRARY_PATH or
    that sshd(8) and login(1) allow environment poisoning, depending
    on your point of view.
Received on Tue Nov 18 2003 - 19:09:18 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:29 UTC