Bug#272210: libc6: LD_DEBUG should be ignored for suid/sgid binaries
Subject: libc6: LD_DEBUG should be ignored for suid/sgid binaries
Package: libc6
Version: 2.3.2.ds1-16
Severity: normal
Tags: security
Hello,
I read this article in LWN about how LD_DEBUG should be ignored for
suid/sgid binaries to avoid helping people to exploit race conditions:
http://lwn.net/Articles/99137/
Sarge exhibits this problem, as you can see here:
metaur@metaur:~$ ls -al /usr/bin/passwd
-rwsr-xr-x 1 root root 26616 2004-09-08 07:13 /usr/bin/passwd
metaur@metaur:~$ LD_DEBUG=all /usr/bin/passwd
6705:
6705: file=libcrypt.so.1; needed by /usr/bin/passwd
6705: find library=libcrypt.so.1; searching
6705: search cache=/etc/ld.so.cache
6705: trying file=/lib/libcrypt.so.1
6705:
6705: file=libcrypt.so.1; generating link map
6705: dynamic: 0x40026304 base: 0x40021000 size: 0x0002c55c
[...lots of output...]
Please consider patching this.
// Ulf Harnhammar
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.26-1-686
Locale: LANG=en_GB, LC_CTYPE=en_GB
Versions of packages libc6 depends on:
ii libdb1-compat 2.1.3-7 The Berkeley database routines [gl
-- no debconf information
Reply to: