[Bug 5168] New: LD_PRELOAD does not work as documented for SUID binaries
bugzilla at busybox.net
bugzilla at busybox.net
Thu May 3 06:53:54 UTC 2012
https://bugs.busybox.net/show_bug.cgi?id=5168
Summary: LD_PRELOAD does not work as documented for SUID
binaries
Product: uClibc
Version: 0.9.32
Platform: PC
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P5
Component: Shared Library Support
AssignedTo: unassigned at uclibc.org
ReportedBy: erik at ejohansson.se
CC: uclibc-cvs at uclibc.org
Estimated Hours: 0.0
According to the help for LDSO_PRELOAD_ENV_SUPPORT: "For
set-user-ID/set-group-ID ELF binaries, only libraries in the standard search
directories that are also set-user-ID will be loaded."
However, this does not work.
Looking at _dl_get_ready_to_run() in ldso/ldso/ldso.c it seems that LD_PRELOAD
and _dl_preload is unset when _dl_secure is 1. This looks incorrect as
_dl_load_elf_shared_library() in ldso/ldso/dl-elf.c seems to only allow loading
of SUID libraries when _dl_secure is 1.
Without having tested it, perhaps it would be enough to replace:
_dl_preload = NULL;
in ldso.c with:
_dl_preload = _dl_getenv("LD_PRELOAD", envp);
and moving the statement before the while that unsets unsecure envvars?
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the uClibc-cvs
mailing list