[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LD_LIBRARY_PATH is not exported to subshells
|
From: |
Adam Lazur |
|
Subject: |
Re: LD_LIBRARY_PATH is not exported to subshells |
|
Date: |
Wed, 16 Jan 2008 14:17:07 -0800 |
|
User-agent: |
Mutt/1.5.13 (2006-08-11) |
Trying to get things less hazy.
From ld.so(8):
The necessary shared libraries needed by the program are searched for
in the following order
o Using the environment variable LD_LIBRARY_PATH
(LD_AOUT_LIBRARY_PATH for a.out programs). Except if the exe-
cutable is a setuid/setgid binary, in which case it is ignored.
I tried to find this type of stuff in the glibc source online quickly,
but here's all I can do:
http://google.com/codesearch?hl=en&q=+package:glibc+LD_LIBRARY_PATH+show:5-uyA-74TiI:kyA999K8eys:Etn8yARxAbA&sa=N&cd=19&ct=rc&cs_p=http://ftp.gnu.org/gnu/glibc/glibc-2.3.3.tar.bz2&cs_f=glibc-2.3.3/sysdeps/generic/unsecvars.h#first
I assert that UNSECURE_ENVVARS are scrubbed by glibc somewhere in
combination with a check of euid and egid. This is clearly a security
thing.
.laz
Adam Lazur (address@hidden) said:
> My memory is hazy, but I believe I tracked this down to glibc doing this
> on behalf of screen because it's a setgid binary.
>
> Details are hazy because this was a year or three ago.
>
> .laz
>
> Zvi Har'El (address@hidden) said:
> > Hi
> >
> >
> > Thanks, but no thanks. I am not interested in tricks to set
> > LD_LIBRARY_PATH. This is not what the screen mailing list about.
> >
> >
> > I am concerned about the fact that screen removes LD_LIBRARY_PATH from
> > the environment, and I believe this behavior is a bug.
> >
> >
> > Zvi.
> >
> >
> > On 16/01/08 23:15, Randy Belk wrote:
> >
> > >When you first login Bash will read /etc/bash.bashrc and also
> > >$HOME/.bashrc to set stuff like your path($PATH) and other environment
> > >variables. Always put your LD_LIBRARY_PATH exports in either of these
> > >two files. New bash screen sessions will always read /etc/bash.bashrc
> > >and also $HOME/.bashrc on startup! You don't need to write a script
> > >use VI and add the LD_LIBRARY_PATH to these file once and your done.
> > >
> > >On Jan 16, 2008 2:41 PM, Zvi Har'El <address@hidden> wrote:
> > >
> > >>
> > >>Of course this works. But the problem is that LD_LIBRARY_PATH is part of
> > >>the
> > >>configuration of the run (shared libraries used in addition to the
> > >>standard
> > >>libraries). Of course I can write a script to edit .bashrc, but this is a
> > >>ridiculed solution. Why cannot screen export the original
> > >>LD_LIBRARY_PATH???
> > >>
> > >>
> > >>
> > >> On 16/01/08 20:54, Randy Belk wrote:
> > >>
> > >>
> > >>
> > >> Try putting the LD_LIBRARY_PATH in your .bashrc, that should work.
> > >>
> > >>On Jan 16, 2008 11:59 AM, Zvi Har'El <address@hidden> wrote:
> > >>
> > >>
> > >> I am using screen to run several applications simultaneously in the
> > >>same environment. The environment preparation consists of exporting
> > >>various variables, including LD_LIBRARY_PATH. However, after running
> > >>screen, the various windows show the original environment (of course
> > >>few changes, like $SHLVL increases, $TERM is changed to screen and
> > >>$TERMCAP, $STY and $WINDOW are set), but one important variable
> > >>disppeared: $LD_LIBRARY_PATH is not set at all. In the following
> > >>example, I did "export >/tmp/before;screen" and then, on window 0:
> > >>
> > >>sh-3.00$ export >/tmp/after
> > >>sh-3.00$ diff /tmp/{before,after}
> > >>23d22
> > >>< export LD_LIBRARY_PATH="/usr/local/lib:/opt/openssl/lib"
> > >>39c38
> > >>< export SHLVL="3"
> > >>---
> > >> > export SHLVL="4"
> > >>42a42
> > >> > export STY="16314.pts-2.bambi"
> > >>44c44,68
> > >>< export TERM="xterm"
> > >>---
> > >> > export TERM="screen"
> > >> > export TERMCAP="SC|screen|VT 100/ANSI X3.64 virtual terminal:\\\
> > >> > :DO=\\E[%dB:LE=\\E[%dD:RI=\\E[%dC:UP=\\E[%dA:bs:bt=\\E[Z:\\\
> > >> > :cd=\\E[J:ce=\\E[K:cl=\\E[H\\E[J:cm=\\E[%i%d;%dH:ct=\\E[3g:\\\
> > >> > :do=^J:nd=\\E[C:pt:rc=\\E8:rs=\\Ec:sc=\\E7:st=\\EH:up=\\EM:\\\
> > >> > :le=^H:bl=^G:cr=^M:it#8:ho=\\E[H:nw=\\EE:ta=^I:is=\\E)0:\\\
> > >> > :li#77:co#80:am:xn:xv:LP:sr=\\EM:al=\\E[L:AL=\\E[%dL:\\\
> > >> > :cs=\\E[%i%d;%dr:dl=\\E[M:DL=\\E[%dM:dc=\\E[P:DC=\\E[%dP:\\\
> > >> > :im=\\E[4h:ei=\\E[4l:mi:IC=\\E[%d@:ks=\\E[?1h\\E=:\\\
> > >> > :ke=\\E[?1l\\E>:vi=\\E[?25l:ve=\\E[34h\\E[?25h:vs=\\E[34l:\\\
> > >> > :ti=\\E[?1049h:te=\\E[?1049l:us=\\E[4m:ue=\\E[24m:so=\\E[3m:\\\
> > >> > :se=\\E[23m:mb=\\E[5m:md=\\E[1m:mr=\\E[7m:me=\\E[m:ms:\\\
> > >> > :Co#8:pa#64:AF=\\E[3%dm:AB=\\E[4%dm:op=\\E[39;49m:AX:\\\
> > >> > :vb=\\Eg:G0:as=\\E(0:ae=\\E(B:\\\
> > >> >
> > >>:ac=\\140\\140aaffggjjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~..--++,,hhII00:\\\
> > >> > :po=\\E[5i:pf=\\E[4i:Z0=\\E[?3h:Z1=\\E[?3l:k0=\\E[10~:\\\
> > >> > :k1=\\EOP:k2=\\EOQ:k3=\\EOR:k4=\\EOS:k5=\\E[15~:k6=\\E[17~:\\\
> > >> > :k7=\\E[18~:k8=\\E[19~:k9=\\E[20~:k;=\\E[21~:F1=\\E[23~:\\\
> > >> > :F2=\\E[24~:F3=\\E[1;2P:F4=\\E[1;2Q:F5=\\E[1;2R:F6=\\E[1;2S:\\\
> > >> > :F7=\\E[15;2~:F8=\\E[17;2~:F9=\\E[18;2~:FA=\\E[19;2~:kb=^H:\\\
> > >> > :K2=\\EOE:kB=\\E[Z:kF=\\E[1;2B:kR=\\E[1;2A:*4=\\E[3;2~:\\\
> > >> > :*7=\\E[1;2F:#2=\\E[1;2H:#3=\\E[2;2~:#4=\\E[1;2D:%c=\\E[6;2~:\\\
> > >> > :%e=\\E[5;2~:%i=\\E[1;2C:kh=\\E[1~:@1=\\E[1~:kH=\\E[4~:\\\
> > >> > :@7=\\E[4~:kN=\\E[6~:kP=\\E[5~:kI=\\E[2~:kD=\\E[3~:ku=\\EOA:\\\
> > >> > :kd=\\EOB:kr=\\EOC:kl=\\EOD:km:"
> > >>49a74
> > >> > export WINDOW="0"
> > >>55a81
> > >> > export _="sh"
> > >>
> > >>--
> > >>Dr. Zvi Har'El mailto:address@hidden Department of Mathematics
> > >>tel:+972-54-4227607 Technion - Israel Institute of Technology
> > >>fax:+972-4-8293388 http://www.math.technion.ac.il/~rl/ Haifa 32000, ISRAEL
> > >>"If you can't say somethin' nice, don't say nothin' at all." -- Thumper
> > >>(1942)
> > >>
> > >>
> > >>
> > >>_______________________________________________
> > >>screen-users mailing list
> > >>address@hidden
> > >>http://lists.gnu.org/mailman/listinfo/screen-users
> > >>
> > >>
> > >>
> > >>_______________________________________________
> > >>screen-users mailing list
> > >>address@hidden
> > >>http://lists.gnu.org/mailman/listinfo/screen-users
> > >>
> > >>
> > >> --
> > >>Dr. Zvi Har'El mailto:address@hidden Department of Mathematics
> > >>tel:+972-54-4227607 Technion - Israel Institute of Technology
> > >>fax:+972-4-8293388 http://www.math.technion.ac.il/~rl/ Haifa 32000, ISRAEL
> > >>"If you can't say somethin' nice, don't say nothin' at all." -- Thumper
> > >>(1942)
> > >>
> > >>
> > >>
> > >
> > >
> > >_______________________________________________
> > >screen-users mailing list
> > >address@hidden
> > >http://lists.gnu.org/mailman/listinfo/screen-users
> > >
> >
>
>
>
--
Adam Lazur
- LD_LIBRARY_PATH is not exported to subshells, Zvi Har'El, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Randy Belk, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Zvi Har'El, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Randy Belk, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Zvi Har'El, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Adam Lazur, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells,
Adam Lazur <=
- Re: LD_LIBRARY_PATH is not exported to subshells, Zvi Har'El, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Zvi Har'El, 2008/01/16
- Re: LD_LIBRARY_PATH is not exported to subshells, Peder Stray, 2008/01/16
- Re: [screen-devel] Re: LD_LIBRARY_PATH is not exported to subshells, Juergen Weigert, 2008/01/17