Env var disappears from at job
in [UK Linux]
|
Prev: RPM Query
Next: Firefox image zoom is bad
From: Big and Blue on 2 Dec 2009 19:37 Richard Kettlewell wrote: > at is a setuid program, and the runtime linker deletes certain > variables from the environment of setuid programs. LD_LIBRARY_PATH is > one of them. That's a bug in the runtime linker, then. It should ignore it, not remove it. That's what the man page for ld.so says it will do o Using the environment variable LD_LIBRARY_PATH (LD_AOUT_LIBRARY_PATH for a.out programs). Except if the exe- cutable is a setuid/setgid binary, in which case it is ignored. and if it did that then "at" would work properly. Although I agree that it *is* removed (a setuid copy of env will show that) Mind you - there is then the case of what happens to any executable that is exec'ed via a setuid program as a way of controlling its running. But, arguably, it's up to the setuid program to remove it then, if it so wishes. -- Just because I've written it doesn't mean that either you or I have to believe it.
From: Richard Kettlewell on 3 Dec 2009 04:15
Big and Blue <No_4(a)dsl.pipex.com> writes: > Richard Kettlewell wrote: >> at is a setuid program, and the runtime linker deletes certain >> variables from the environment of setuid programs. LD_LIBRARY_PATH >> is one of them. > > That's a bug in the runtime linker, then. It should ignore it, not > remove it. That's what the man page for ld.so says it will do > > o Using the environment variable LD_LIBRARY_PATH > (LD_AOUT_LIBRARY_PATH for a.out programs). Except if the exe- > cutable is a setuid/setgid binary, in which case it is ignored. > > and if it did that then "at" would work properly. Although I agree > that it *is* removed (a setuid copy of env will show that) I think the current behaviour is preferable because... > Mind you - there is then the case of what happens to any executable > that is exec'ed via a setuid program as a way of controlling its > running. But, arguably, it's up to the setuid program to remove it > then, if it so wishes. ....relying on every executable to get it right is impractical. -- http://www.greenend.org.uk/rjk/ |