Re: [Linux-ia64] Location of hard coded IA32 libraries

From: Jes Sorensen <jes_at_sunsite.dk>
Date: 2001-09-10 19:26:08
>>>>> "Don" == Don Dugger <n0ano@valinux.com> writes:

Don> That's a pretty stong argument for not using the environment
Don> variable approach.  If we go with using a hard coded path, like
Don> `/usr/ia32', then there is no security hole.  This just becomes
Don> another tree that has to have protected files the same way `/'
Don> needs protected files.

I don't see the problem for environment variables either, LD_IA32_PATH
should just be treated like LD_LIBRARY_PATH and do magic for suid
binaries. On the other hand if the sysadmin allows you to overwrite
/usr/ia32/lib then you are in the same situation as if the user can
overwrite /usr/lib ;-)

Cheers
Jes
Received on Mon Sep 10 02:27:04 2001

This archive was generated by hypermail 2.1.8 : 2005-08-02 09:20:05 EST