Re: LD_PRELOAD used with setuid programs (was Re: Fakeroot security problem)
I enquired about LD_PRELOAD on the misc@openbsd.org list (for those who don't
know, OpenBSD is a variant of BSD which specialises in security and
multi-platform support). I obtained the following response.
David Scott
-----------------------------------------------------------------------------
On Wed, Feb 11, 1998 at 12:10:03PM +0000, David Scott +44 1383 821921 wrote:
> I have been half following a discussion on debian-sparc list concerning
whether
> or not normal users should be allowed to influence which libraries a setuid
> program is loaded with. The question arose as to whether allowing LD_PRELOAD
to
> work on setuid binaries is a standard 'Unix' practice. Does anybody feel like
> answering this question for the case of OpenBSD? I am willing to forward the
> reply.
Definitely NOT standard... or else, use the following code fragment:
int getuid()
{
return whatever;
}
int geteuid()
{
return whatever;
}
makes it rather easy to impersonate someone, doesn't it ?
If you allow LD_PRELOAD, you effectively make it impossible to use ANY library
call from a setuid program, while suid'ed.
--
Marc Espie
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-sparc-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: