From: Daniel Cegiełka
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: be able to break inheritance of LD_LIBRARY_PATH
Date: Fri, 28 Mar 2014 17:34:29 +0100
References: <20140328104208.GZ8221@example.net>
In-Reply-To: <20140328104208.GZ8221@example.net>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

2014-03-28 11:42 GMT+01:00 :
>
> A naïve implementation might look as follows:
>
> --- src/ldso/dynlink.c.ori 2014-03-28 10:37:34.821317811 +0100 > +++ src/ldso/dynlink.c 2014-03-28 11:21:16.828047766 +0100 > @@ -962,6 +962,7 @@ > size_t vdso_base; > size_t *auxv; > char **envp =3D argv+argc+1; > + int forget_ld_library_path =3D 0; > > /* Find aux vector just past environ[] */ > for (i=3Dargc+1; argv[i]; i++) > @@ -969,8 +970,19 @@ > env_path =3D argv[i]+16; > else if (!memcmp(argv[i], "LD_PRELOAD=3D", 11)) > env_preload =3D argv[i]+11; > + else if (!memcmp(argv[i], "FORGET_LD_LIBRARY_PATH=3D", 23= )) > + forget_ld_library_path =3D 1; > auxv =3D (void *)(argv+i+1); > > + /* one _may_ wish to break the inheritance of LD_LIBRARY_PATH, > + * the hack below only works if the corresponding memory is writa= ble > + * -- rl */ > + if (forget_ld_library_path) > + for (i=3Dargc+1; argv[i]; i++) > + if (!memcmp(argv[i], "LD_LIBRARY_PATH=3D", 16) || > + !memcmp(argv[i], "FORGET_LD_LIBRARY_PATH=3D",= 23)) > + argv[i][0] =3D 'X'; > + > decode_vec(auxv, aux, AUX_CNT); > > /* Only trust user/env if kernel says we're not suid/sgid */
>
>
> What do you think about this? Can this or something better be done?
> I would love to be able to go with musl.

Hi Rune,

I don't understand why you expect that users want this functionality. Does this raise the risk for SUID/SGID?

    /* Only trust user/env if kernel says we're not suid/sgid */
    if ((aux[0]&0x7800)!=0x7800 || aux[AT_UID]!=aux[AT_EUID]
      || aux[AT_GID]!=aux[AT_EGID] || aux[AT_SECURE]) {
            env_path = 0;
            env_preload = 0;
            libc.secure = 1;
    }

But where is the hardening for forget_ld_library_path?

Daniel

>
> Regards,
> Rune
>
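
Review bot: in the second hunk (@@ -969,8 +970,19 @@) the loop that overwrites argv[i][0] runs before decode_vec() and before the "Only trust user/env if kernel says we're not suid/sgid" check, so FORGET_LD_LIBRARY_PATH is honored and the environment is rewritten for setuid/setgid processes too, whereas that check resets env_path and env_preload and sets libc.secure. Move the loop below the check and make the secure-mode behaviour an explicit decision, with a comment saying whether the variable is ignored or still applied when libc.secure is set. Two smaller points in the same hunk: writing 'X' over the first byte leaves XD_LIBRARY_PATH=... and XORGET_LD_LIBRARY_PATH=... entries behind in the environment that the program and its children will see, so dropping the entries from envp would be cleaner than renaming them; and the in-code comment already says the write only works if the memory is writable, which should be either guaranteed or handled rather than left as a caveat. The new variable also matches on any value, including an empty one, which is worth documenting.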