[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: LD_PRELOAD question
From: "Thiago Macieira" <thiago () kde ! org>
Date: 2007-05-24 13:33:55
Message-ID: 3209.172.26.0.1.1180013635.squirrel () 172 ! 26 ! 0 ! 1
[Download RAW message or body]
Lubos Lunak said:
> We should probably find a universal solution for this, as this applies to
> more LD_* stuff (LD_LIBRARY_PATH comes to mind). The wrapper could even
> restore them itself, the slight problem is that the list of reset vars for
> setuid apps is hidden somewhere in libc sources and grows over the time.
> An
> obvious solution could be dropping the wrapper, but I'd prefer not to -
> this
> cluebat actually makes OOM conditions to be handled quite fine :(.
Actually, that's not hard to do...
We need a wrapper for the wrapper. One that dumps the environment to a
file and then starts the wrapper. The wrapper, in turn, after dropping its
privileges, resets the environment.
The only thing is that start_kdeinit is meant to be a very small program
to avoid security issues. But it can be done. Read stdin, change the \n to
\0 then build a NULL-terminated index of entries. Pass that to execvpe(3).
That resets all of the environment, regardless of the list that libc keeps
(whichever libc that is, on whichever system).
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic