10-07-2006
setuid bit on user + dynamically linked libraries
hi all,
i have a critical and specific problem with respect to set uid bit on user and the dll's
for a binary, (under the userid A)
it needs libraries from /usr/lib and informix libraries from $INFORMIXDIR/lib/esql
but this binary should be kicked off from id B,
hence s-bit on user is set for the binary
after setting the s-bit on the binary and the dynamic dependencies and shared objects are listed using ldd,
i could see only the libraries from default directory /usr/lib/ are listed and not from the INFORMIX library paths.
when searched in search engine about this, found that
due to security reasons for a binary for which set bit is set on the user or group the dynamic dependencies will not be included.
can you please provide me a pointer on how to handle this ?
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have a binary. It is having the following permissions
rws rws rwx mqm:mqm runmqtrm
The same program on another machine is
rws rws rwx root: mqm runmqtrm
This program is a setuid program.
This is what my understanding is. Whatever user the program is started under, it will finally be... (0 Replies)
Discussion started by: bandaru
0 Replies
2. Shell Programming and Scripting
Hi friends ,
how do i view a dynamically linked file in unix ?
its there on other system and do i have to ftp it in ASCII format or binary ?
and after the ftp how do i view it ?
thanks in advance
veeras (1 Reply)
Discussion started by: sveera
1 Replies
3. UNIX for Advanced & Expert Users
Hi friends,
i have a dynamically linked file on my solaris system.this is script that runs regularly. How can i read the contents of that ?
when i tried to say "vi filename " then it says executable and nothing is seen.
Please help.
thanks in advance
Veera (5 Replies)
Discussion started by: sveera
5 Replies
4. Programming
how to get the list of all dynamically loaded libraries in memory ?thanks! (3 Replies)
Discussion started by: rainshadow
3 Replies
5. HP-UX
hi i have written small script which will login 2 two different users with su but if we run from normal user it prompts for password so
i chnaged the owner of script to root and added setuid bit
with
chmod u+s <script_name>
but when i run the script i get following message
Warning:... (3 Replies)
Discussion started by: zedex
3 Replies
6. SCO
How do i get the list of linked libraries in a built binaries on SCO UNIX.
I appreciate your help (1 Reply)
Discussion started by: param_it
1 Replies
7. UNIX for Dummies Questions & Answers
Can anyone explain me difference between setuid and sticky bit? and also between setuid and chown? (3 Replies)
Discussion started by: kkalyan
3 Replies
8. Linux
Dear all,
I am newbie with linux, i dont understand any code. I have googled a long time. Please help me explain about setuid bit on linux (Centos 6)
Here:
1/ I chmod u+s for /sbin/iptables but normal user still cannot perform command (ex: /sbin/iptables -L)
2/Someone says : setuid only... (6 Replies)
Discussion started by: all4cfa
6 Replies
9. UNIX for Beginners Questions & Answers
So I have a file called queens.cc and I need to do the following:
Compile and make a .o file while specifying that the compiler is to search /student/214/include for system include files.
Use g++, link and load .o file to make a dynamically linked executable file called queens and to also... (1 Reply)
Discussion started by: steezuschrist96
1 Replies
10. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT OSF1
ldconfig
LDCONFIG(8) Linux Programmer's Manual LDCONFIG(8)
NAME
ldconfig - configure dynamic linker run-time bindings
SYNOPSIS
/sbin/ldconfig [-nNvXV] [-f conf] [-C cache] [-r root] directory...
/sbin/ldconfig -l [-v] library...
/sbin/ldconfig -p
DESCRIPTION
ldconfig creates the necessary links and cache to the most recent shared libraries found in the directories specified on the command line,
in the file /etc/ld.so.conf, and in the trusted directories, /lib and /usr/lib (on some 64-bit architectures such as x86-64, lib and
/usr/lib are the trusted directories for 32-bit libraries, while /lib64 and /usr/lib64 are used for 64-bit libraries).
The cache is used by the run-time linker, ld.so or ld-linux.so. ldconfig checks the header and filenames of the libraries it encounters
when determining which versions should have their links updated.
ldconfig will attempt to deduce the type of ELF libraries (i.e., libc5 or libc6/glibc) based on what C libraries, if any, the library was
linked against.
Some existing libraries do not contain enough information to allow the deduction of their type. Therefore, the /etc/ld.so.conf file format
allows the specification of an expected type. This is used only for those ELF libraries which we can not work out. The format is
"dirname=TYPE", where TYPE can be libc4, libc5, or libc6. (This syntax also works on the command line.) Spaces are not allowed. Also see
the -p option. ldconfig should normally be run by the superuser as it may require write permission on some root owned directories and
files.
OPTIONS
-c fmt, --format=fmt
(Since glibc 2.2) Cache format to use: old, new, or compat (default).
-C cache
Use cache instead of /etc/ld.so.cache.
-f conf
Use conf instead of /etc/ld.so.conf.
-i, --ignore-aux-cache
(Since glibc 2.7) Ignore auxiliary cache file.
-l (Since glibc 2.2) Library mode. Manually link individual libraries. Intended for use by experts only.
-n Process only the directories specified on the command line. Don't process the trusted directories, nor those specified in
/etc/ld.so.conf. Implies -N.
-N Don't rebuild the cache. Unless -X is also specified, links are still updated.
-p, --print-cache
Print the lists of directories and candidate libraries stored in the current cache.
-r root
Change to and use root as the root directory.
-v, --verbose
Verbose mode. Print current version number, the name of each directory as it is scanned, and any links that are created. Overrides
quiet mode.
-V, --version
Print program version.
-X Don't update links. Unless -N is also specified, the cache is still rebuilt.
FILES
/lib/ld.so
Run-time linker/loader.
/etc/ld.so.conf
File containing a list of directories, one per line, in which to search for libraries.
/etc/ld.so.cache
File containing an ordered list of libraries found in the directories specified in /etc/ld.so.conf, as well as those found in the
trusted directories.
SEE ALSO
ldd(1), ld.so(8)
COLOPHON
This page is part of release 4.15 of the Linux man-pages project. A description of the project, information about reporting bugs, and the
latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.
GNU
2017-09-15 LDCONFIG(8)