This question deals with Solaris 2.8 and setuid programs. From research I've done so far, setuid programs ignore LD_LIBRARY_PATH; I've proven this and am OK with it. The thing I am not certain of how the C compiler is supposed to behave when it is invoked via a setuid program. Basically, we have the following design:
Quote:
- developers call a program which is actually a softlink
- the softlink points to a setuid program (compiled C wrapper)
- the wrapper calls a shell script which performs code compilation (Oracle Pro*C)
We were faced with the following error (produced by the shell script):
Code:
cc -xO3 -Xa -xstrconst -dalign -xF -errtags=yes -v -xarch=v9 -xchip=ultra2 -DSS_64BIT_SERVER -DBIT64 -DMACHINE64 -KPIC -errtags=yes -erroff=E_NO_IMPLICIT_DECL_ALLOWED,E_OLD_STYLE_DECL_OR_BAD_TYPE,E_FUNC_HAS_NO_RETURN_STMT -I. -I/u01/app/oracle/product/9.2.0/precomp/public -I/u01/app/oracle/product/9.2.0/rdbms/public
-I/u01/app/oracle/product/9.2.0/plsql/public -I/u01/app/oracle/product/9.2.0/network/public -DSLMXMX_ENABLE -DSLTS_ENABLE -D_REENTRANT -c validate_depex_tree.c
ld.so.1: acomp: fatal: lib_I_dbg_gen.so: open failed: No such file or directory
cc: Fatal error in /opt/SUNWspro/bin/../prod/bin/acomp : Killed
From a previous experience with HP-UX 11, I assumed that the setuid piece may be causing LD_LIBRARY_PATH (even the default used by cc) to be ignored. So I modified the shell script to include the three default library directories (one of which does contain lib_I_dbg_gen.so) using the '-L' compiler option. But same result. I had read somewhere (Google) that even though LD_LIBRARY_PATH is ignored for setuid programs, library directories explicitly added to the cc command-line would be used; but this does not appear to be the case.
Does anyone have any ideas???
P.S. The reason this doesn't work now is because the entire application is being migrated from HP-UX 10.20 (where it did work) to Solaris 2.8.
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
I am on Solaris .
I have written a script callled T_1.sh
#!/bin/sh
########################################################################################################
# # Source borne shell env.This is required for crontab to work as bip.sh uses environmental variables.... (24 Replies)
Hi.,
Currently my LD_LIBRARY_PATH setting is,
LD_LIBRARY_PATH=/opt/app/product/11.2.0/client_1/lib
Now, I need to append the JAVA to this setting...
Can I set this way, Please suggest.
... (4 Replies)
I have a question on setting environmental variable LD_LIBRARY_PATH.
The case is that, i cannot execute wget on my AIX machine.
It return the following error:
exec(): 0509-036 Cannot load program wget because of the following errors:
0509-022 Cannot load module... (5 Replies)
Inside my csh script, I have the following command:
source ${HOME}/.login
When I execute my csh script, why do I get the following error message:
/cygdrive/c/WINDOWS/system32/export: Permission denied
This is what I have inside my .login
#!/bin/bash
export... (9 Replies)
Hi all!
I need to add new environment variable.
e.g. # setenv LD_LIBRARY_PATH "/usr/ucblib:"
#
I check:# env
LD_LIBRARY_PATH=/usr/ucblib:
After rebooting I don't see this variable.
Why don't save this variable?
Thanks. (5 Replies)
hi
Im using HP-UX 11i,PARISC .... Where do i find SHLIB_PATH or LD_LIBRARY_PATH ,
i couldnt find in env, listing...... Moreover im trying to execute file its throwing me error
usr/lib/dld.sl: Can't find path for shared library: libgcc_s.sl
/usr/lib/dld.sl: No such file or directory... (3 Replies)
I would like to know the differences between LIB_PATH and LD_LIBRARY_PATH on Linux and SunOS.
I am getting an error while loading shared libraries on Linux (Omni works build environment) as shown below:
1:tradewind/dataaccess/*.pcc... (0 Replies)
Hello
I have just tried to install ns-allineone-2.31 on cygwin
cygwin is using the bash shell
it asks for somethings to be put into the LD_LIBRAY_PATH, here is a snippet of what it says.
(1) You MUST put /home/Chris/ns-allinone-2.31/otcl-1.13, /home/Chris/ns-allinone-2.31/lib, into your... (1 Reply)
cc, setuid, and LD_LIBRARY_PATH