Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: process fails if setuid bit is set
Operating Systems Linux Red Hat process fails if setuid bit is set Post 302476479 by DGPickett on Wednesday 1st of December 2010 07:48:16 PM
Old 12-01-2010
Set uid / grpid exec() turns of LD_LIBRARY_PATH so the program cannot be attacked by a bogus dynamic lib. Either it must be statically linked or compiled with lib path in -R.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

setuid sticky bit

I have a binary. It is having the following permissions rws rws rwx mqm:mqm runmqtrm The same program on another machine is rws rws rwx root: mqm runmqtrm This program is a setuid program. This is what my understanding is. Whatever user the program is started under, it will finally be... (0 Replies)
Discussion started by: bandaru
0 Replies

2. Programming

setuid bit on user + dynamically linked libraries

hi all, i have a critical and specific problem with respect to set uid bit on user and the dll's for a binary, (under the userid A) it needs libraries from /usr/lib and informix libraries from $INFORMIXDIR/lib/esql but this binary should be kicked off from id B, hence s-bit on user is... (5 Replies)
Discussion started by: matrixmadhan
5 Replies

3. HP-UX

setuid bit - error

hi i have written small script which will login 2 two different users with su but if we run from normal user it prompts for password so i chnaged the owner of script to root and added setuid bit with chmod u+s <script_name> but when i run the script i get following message Warning:... (3 Replies)
Discussion started by: zedex
3 Replies

4. UNIX for Dummies Questions & Answers

How can we set the Sticky bit in the umask itself

How can we set the Sticky bit in the umask itself. Please help me :confused: (3 Replies)
Discussion started by: geniman2004
3 Replies

5. UNIX for Dummies Questions & Answers

setuid & sticky bit

Can anyone explain me difference between setuid and sticky bit? and also between setuid and chown? (3 Replies)
Discussion started by: kkalyan
3 Replies

6. Linux

Please explain setuid bit clearly!

Dear all, I am newbie with linux, i dont understand any code. I have googled a long time. Please help me explain about setuid bit on linux (Centos 6) Here: 1/ I chmod u+s for /sbin/iptables but normal user still cannot perform command (ex: /sbin/iptables -L) 2/Someone says : setuid only... (6 Replies)
Discussion started by: all4cfa
6 Replies

7. Programming

c program to set the m-bit to n-bit

I have a 32bit number and without using for loop,I want to set mbit to n bit. Say m bit may be 2nd or 5th or 9th or 10th.n bit may be 22nd or 27or 11th bit. I assume m<n. Please help me.Thanks acdc (6 Replies)
Discussion started by: acdc
6 Replies

8. Shell Programming and Scripting

Setuid not working in Linux as script fails to write to file.

Hi, I have the following 3 test files to test setuid bit which if it works I would like to implement in our application. However setuid doesnot seem to be having any impact on my test below.Following are the 3 files of interest in /tmp/ folder. $ ls -ltr *env* -rw------- 1 g332008 users 6... (23 Replies)
Discussion started by: waavman
23 Replies

9. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

10. UNIX for Beginners Questions & Answers

Java 32 bit installation fails on an AIX platform

Hello. It is my first to deal with Java installation on an AIX platform. I am now trying to install Java 32bit using installp command. However, it throws back the message that the installation media cannot be found. I need to install Java 32bit to proceed with an installation of Oracle JD... (0 Replies)
Discussion started by: EJ2019
0 Replies

LEARN ABOUT SUSE

ld.so

LD.SO(8)						     Linux Programmer's Manual							  LD.SO(8)

NAME

       ld.so, ld-linux.so* - dynamic linker/loader

SYNOPSIS

       The  dynamic  linker  can  be  run  either  indirectly by running some dynamically linked program or library (in which case no command-line
       options to the dynamic linker can be passed and, in the ELF case, the dynamic linker which is stored in the .interp section of the  program
       is executed) or directly by running:

       /lib/ld-linux.so.*  [OPTIONS] [PROGRAM [ARGUMENTS]]

DESCRIPTION

       The programs ld.so and ld-linux.so* find and load the shared libraries needed by a program, prepare the program to run, and then run it.

       Linux binaries require dynamic linking (linking at run time) unless the -static option was given to ld(1) during compilation.

       The  program  ld.so  handles  a.out  binaries,  a  format  used	long ago; ld-linux.so* handles ELF (/lib/ld-linux.so.1 for libc5, /lib/ld-
       linux.so.2 for glibc2), which everybody has been using for years now.  Otherwise both have the same behavior,  and  use	the  same  support
       files and programs ldd(1), ldconfig(8) and /etc/ld.so.conf.

       The shared libraries needed by the program are searched for in the following order:

       o  (ELF	only)  Using the directories specified in the DT_RPATH dynamic section attribute of the binary if present and DT_RUNPATH attribute
	  does not exist.  Use of DT_RPATH is deprecated.

       o  Using the environment variable LD_LIBRARY_PATH.  Except if the executable is a set-user-ID/set-group-ID binary,  in  which  case  it	is
	  ignored.

       o  (ELF only) Using the directories specified in the DT_RUNPATH dynamic section attribute of the binary if present.

       o  From	the  cache  file  /etc/ld.so.cache which contains a compiled list of candidate libraries previously found in the augmented library
	  path.  If, however, the binary was linked with the -z nodeflib linker option, libraries in the default library paths are skipped.

       o  In the default path /lib, and then /usr/lib.	If the binary was linked with the -z nodeflib linker option, this step is skipped.

   $ORIGIN and rpath
       ld.so understands the string $ORIGIN (or equivalently ${ORIGIN}) in an rpath specification (DT_RPATH or DT_RUNPATH) to mean  the  directory
       containing  the application executable.	Thus, an application located in somedir/app could be compiled with gcc -Wl,-rpath,'$ORIGIN/../lib'
       so that it finds an associated shared library in somedir/lib no matter where somedir is located in the directory hierarchy.   This  facili-
       tates  the  creation of "turn-key" applications that do not need to be installed into special directories, but can instead be unpacked into
       any directory and still find their own shared libraries.

OPTIONS

       --list List all dependencies and how they are resolved.

       --verify
	      Verify that program is dynamically linked and this dynamic linker can handle it.

       --library-path PATH
	      Override LD_LIBRARY_PATH environment variable setting (see below).

       --inhibit-rpath LIST
	      Ignore RPATH and RUNPATH information in object names in LIST.  This option is ignored if ld.so is set-user-ID or set-group-ID.

ENVIRONMENT

       There are four important environment variables.

       LD_BIND_NOW
	      (libc5; glibc since 2.1.1) If set to a nonempty string, causes the dynamic linker to resolve all symbols at program startup  instead
	      of deferring function call resolution to the point when they are first referenced.  This is useful when using a debugger.

       LD_LIBRARY_PATH
	      A colon-separated list of directories in which to search for ELF libraries at execution-time.  Similar to the PATH environment vari-
	      able.

       LD_PRELOAD
	      A whitespace-separated list of additional, user-specified, ELF shared libraries to be loaded before all others.  This can be used to
	      selectively override functions in other shared libraries.  For set-user-ID/set-group-ID ELF binaries, only libraries in the standard
	      search directories that are also set-user-ID will be loaded.

       LD_TRACE_LOADED_OBJECTS
	      (ELF only) If set to a nonempty string, causes the program to list its dynamic library dependencies, as if run by ldd(1), instead of
	      running normally.

       Then there are lots of more or less obscure variables, many obsolete or only for internal use.

       LD_AOUT_LIBRARY_PATH
	      (libc5) Version of LD_LIBRARY_PATH for a.out binaries only.  Old versions of ld-linux.so.1 also supported LD_ELF_LIBRARY_PATH.

       LD_AOUT_PRELOAD
	      (libc5) Version of LD_PRELOAD for a.out binaries only.  Old versions of ld-linux.so.1 also supported LD_ELF_PRELOAD.

       LD_AUDIT
	      (glibc  since  2.4) A colon-separated list of user-specified, ELF shared objects to be loaded before all others in a separate linker
	      namespace (i.e., one that does not intrude upon the normal symbol bindings that would occur in the process).  These libraries can be
	      used to audit the operation of the dynamic linker.  LD_AUDIT is ignored for set-user-ID/set-group-ID binaries.

	      The  dynamic linker will notify the audit libraries at so-called auditing checkpoints--for example, loading a new library, resolving
	      a symbol, or calling a symbol from another shared object--by calling an appropriate function within the audit library.  For details,
	      see  rtld-audit(7).   The  auditing  interface  is  largely compatible with that provided on Solaris, as described in its Linker and
	      Libraries Guide, in the chapter Runtime Linker Auditing Interface.

       LD_BIND_NOT
	      (glibc since 2.1.95) Do not update the GOT (global offset table) and PLT (procedure linkage table) after resolving a symbol.

       LD_DEBUG
	      (glibc since 2.1) Output verbose debugging information about the dynamic linker.	If set to all prints all debugging information	it
	      has,  if set to help prints a help message about which categories can be specified in this environment variable.	Since glibc 2.3.4,
	      LD_DEBUG is ignored for set-user-ID/set-group-ID binaries.

       LD_DEBUG_OUTPUT
	      (glibc since 2.1) File where LD_DEBUG output should be fed into, default is standard output.  LD_DEBUG_OUTPUT is	ignored  for  set-
	      user-ID/set-group-ID binaries.

       LD_DYNAMIC_WEAK
	      (glibc  since  2.1.91)  Allow  weak  symbols  to be overridden (reverting to old glibc behavior).  For security reasons, since glibc
	      2.3.4, LD_DYNAMIC_WEAK is ignored for set-user-ID/set-group-ID binaries.

       LD_HWCAP_MASK
	      (glibc since 2.1) Mask for hardware capabilities.

       LD_KEEPDIR
	      (a.out only)(libc5) Don't ignore the directory in the names of a.out libraries to be loaded.  Use of this option	is  strongly  dis-
	      couraged.

       LD_NOWARN
	      (a.out only)(libc5) Suppress warnings about a.out libraries with incompatible minor version numbers.

       LD_ORIGIN_PATH
	      (glibc  since  2.1)  Path  where the binary is found (for non-set-user-ID programs).  For security reasons, since glibc 2.4, LD_ORI-
	      GIN_PATH is ignored for set-user-ID/set-group-ID binaries.

       LD_POINTER_GUARD
	      (glibc since 2.4) Set to 0 to disable pointer guarding.  Any other value enables	pointer  guarding,  which  is  also  the  default.
	      Pointer  guarding is a security mechanism whereby some pointers to code stored in writable program memory (return addresses saved by
	      setjmp(3) or function pointers used by various glibc internals) are mangled semi-randomly to make it more difficult for an  attacker
	      to hijack the pointers for use in the event of a buffer overrun or stack-smashing attack.

       LD_PROFILE
	      (glibc since 2.1) Shared object to be profiled, specified either as a pathname or a soname.  Profiling output is written to the file
	      whose name is: "$LD_PROFILE_OUTPUT/$LD_PROFILE.profile".

       LD_PROFILE_OUTPUT
	      (glibc since 2.1) Directory where LD_PROFILE output should be written.  If this variable is not defined, or is defined as  an  empty
	      string,  then  the  default  is  /var/tmp.  LD_PROFILE_OUTPUT is ignored for set-user-ID and set-group-ID programs, which always use
	      /var/profile.

       LD_SHOW_AUXV
	      (glibc since 2.1) Show auxiliary array passed up from the kernel.  For security reasons, since glibc 2.3.5, LD_SHOW_AUXV is  ignored
	      for set-user-ID/set-group-ID binaries.

       LD_USE_LOAD_BIAS
	      By  default  (i.e.,  if  this  variable  is not defined) executables and prelinked shared objects will honor base addresses of their
	      dependent libraries and (nonprelinked) position-independent executables (PIEs) and other shared objects will  not  honor	them.	If
	      LD_USE_LOAD_BIAS	is defined wit the value, both executables and PIEs will honor the base addresses.  If LD_USE_LOAD_BIAS is defined
	      with the value 0, neither executables nor PIEs will honor the base addresses.  This variable is  ignored	by  set-user-ID  and  set-
	      group-ID programs.

       LD_VERBOSE
	      (glibc  since 2.1) If set to a nonempty string, output symbol versioning information about the program if querying information about
	      the program (i.e., either LD_TRACE_LOADED_OBJECTS has been set, or --list or  --verify  options  have  been  given  to  the  dynamic
	      linker).

       LD_WARN
	      (ELF only)(glibc since 2.1.3) If set to a nonempty string, warn about unresolved symbols.

       LDD_ARGV0
	      (libc5) argv[0] to be used by ldd(1) when none is present.

FILES

       /lib/ld.so
	      a.out dynamic linker/loader
       /lib/ld-linux.so.{1,2}
	      ELF dynamic linker/loader
       /etc/ld.so.cache
	      File containing a compiled list of directories in which to search for libraries and an ordered list of candidate libraries.
       /etc/ld.so.preload
	      File containing a whitespace separated list of ELF shared libraries to be loaded before the program.
       lib*.so*
	      shared libraries

NOTES

       The  ld.so  functionality  is available for executables compiled using libc version 4.4.3 or greater.  ELF functionality is available since
       Linux 1.1.52 and libc5.

SEE ALSO

       ldd(1), rtld-audit(7), ldconfig(8)

COLOPHON

       This page is part of release 3.25 of the Linux man-pages project.  A description of the project, and information about reporting bugs,  can
       be found at http://www.kernel.org/doc/man-pages/.

GNU
								    2009-01-12								  LD.SO(8)
All times are GMT -4. The time now is 05:04 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy