01-03-2014
Yes env variables are being exported. That is why when I print LD_LIBRARY_PATH has the right value. But I read online that the reason ldd cannot find the library file even though LD_LIBRARY_PATH has the path is because when setuid binary is used, for security reasons Linux and most modern unix systems ignore LD_LIBRARY_PATH variable because of the risk that some usercould point LD_LIBRARY_PATH to some nefarious library file and use the C setuid binary to run some malicious code.
In my case
scriptwrapper.ksh contains
#!/usr/bin/ksh
setuidbinary script.ksh
script.ksh contains
#!/usr/bin/ksh
. <path>/setenv.ksh
sqlplus -s ......
Since C setuidbinary is setuid to owner cdds, when user cddsoper tries to run scriptwrapper.ksh, even though LD_LIBRARY_PATH is exported the right value by setenv.ksh, when sqplus ORACLE binary is run, loader cannot find the .so libraries used by Oracle sqlplus binary because those paths are defined in LD_LIBRARY_PATH variable which is disabled.
I even tried specifying the Dynamic library path at compile time into the C binary setuidbinary using
gcc setuidbinary.c -Wl,-rpath=/app/oracle/lib -o setuidbinary
But even that doesnot work because when I run setuidwrapper.ksh as cddsoper user, I get the same "libsqlplus.so not found" error.
Does anybody know any other workaround for this that tells the linker to look exactly in /app/oracle/lib for libsqlplus.so when user cddsoper calls the setuid binary setuidbinary even if it ignores LD_LIBRARY_PATH for security reasons ?
Much appreciated.
thanks
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I need to find all the files that have group Read or Write permission or files that have user write permission.
This is what I have so far:
find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}'
It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies
2. Solaris
Hi
my directory not accepting any commands. its simply telling permission denied. i tried ( cp, mv, rm ) as roor
i want to set default permissons to this DIR
please find the Logs below.
dr-xr-xr-x 1 root root 1 Jun 1 09:04 AP1_ROP ( original dir)
root> chmod 777... (5 Replies)
Discussion started by: vijayq8
5 Replies
3. Shell Programming and Scripting
Hi,
The requirement is like,
the program needs 2 argument one is user_id and second one is directory path. My script will check if that user_id has write access to the directory path. The directory path may be in any file system like AFS or NFS.
Can any one please suggest some points to... (1 Reply)
Discussion started by: siba.s.nayak
1 Replies
4. Shell Programming and Scripting
Guys, i wanna get any user files with write permission (on user or group permission) for review but i confuse with -perm parameter.
any body can help me to explain what is that mean?
thank's (1 Reply)
Discussion started by: michlix
1 Replies
5. Shell Programming and Scripting
I want to check access rights permissions not for 'user', not for 'group', but for 'others'.
I want to do it by system command in which i want to use 'ls -l' and 'awk' command.
I have written the following program :
#!/usr/bin/local/perl
#include <stdlib.h>
system ("ls -l | awk... (1 Reply)
Discussion started by: shubhamsachdeva
1 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I have a shell script(test.sh) and need to give execute permission for this shell script to user group
cobr_sftp and oracle.
Could you please help as to how to give this permission.
I have already given full access(777) to script test.sh. Does this mean all the users/user group can access... (1 Reply)
Discussion started by: abhi_123
1 Replies
7. Web Development
Hi
I am trying to make a web program which is command line equivalent. i have done the coding in cgi program in perl and html for basic forms to take inputs. when i ran the program from web application i see permission denied messages. after analyzing i found apache is running as wwwrun which... (2 Replies)
Discussion started by: rakeshkumar
2 Replies
8. UNIX for Beginners Questions & Answers
Hi All,
We have a scenario in production where we want only one user from a group to modify the file. The file is not set to write permission for application manager.
-r--r--r-- 1 amgr u00 15661716 Aug 30 00:06 DCI.dat
So here amgr will have permission to edit the file. We want a... (10 Replies)
Discussion started by: arunkumar_mca
10 Replies
9. AIX
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. I do not want to assign user the same group of that directories too.... (0 Replies)
Discussion started by: blinkingdan
0 Replies
times(1) User Commands times(1)
NAME
times - shell built-in function to report time usages of the current shell
SYNOPSIS
sh
times
ksh
times
DESCRIPTION
sh
Print the accumulated user and system times for processes run from the shell.
ksh
Print the accumulated user and system times for the shell and for processes run from the shell.
On this man page, ksh(1) commands that are preceded by one or two * (asterisks) are treated specially in the following ways:
1. Variable assignment lists preceding the command remain in effect when the command completes.
2. I/O redirections are processed after variable assignments.
3. Errors cause a script that contains them to abort.
4. Words, following a command preceded by ** that are in the format of a variable assignment, are expanded with the same rules as a vari-
able assignment. This means that tilde substitution is performed after the = sign and word splitting and file name generation are not
performed.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO
ksh(1), sh(1), time(1), attributes(5)
SunOS 5.10 15 Apr 1994 times(1)