[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: LD_PRELOAD question
From: Lubos Lunak <l.lunak () suse ! cz>
Date: 2007-05-25 12:40:36
Message-ID: 200705251440.36279.l.lunak () suse ! cz
[Download RAW message or body]
On Thursday 24 of May 2007, Thiago Macieira wrote:
> Lubos Lunak said:
> > We should probably find a universal solution for this, as this applies
> > to more LD_* stuff (LD_LIBRARY_PATH comes to mind). The wrapper could
> > even restore them itself, the slight problem is that the list of reset
> > vars for setuid apps is hidden somewhere in libc sources and grows over
> > the time. An
> > obvious solution could be dropping the wrapper, but I'd prefer not to -
> > this
> > cluebat actually makes OOM conditions to be handled quite fine :(.
>
> Actually, that's not hard to do...
>
> We need a wrapper for the wrapper. One that dumps the environment to a
> file and then starts the wrapper. The wrapper, in turn, after dropping its
> privileges, resets the environment.
>
> The only thing is that start_kdeinit is meant to be a very small program
> to avoid security issues. But it can be done. Read stdin, change the \n to
> \0 then build a NULL-terminated index of entries. Pass that to execvpe(3).
>
> That resets all of the environment, regardless of the list that libc keeps
> (whichever libc that is, on whichever system).
That's an excellent idea. Done.
--
Lubos Lunak
KDE developer
--------------------------------------------------------------
SUSE LINUX, s.r.o. e-mail: l.lunak@suse.cz , l.lunak@kde.org
Lihovarska 1060/12 tel: +420 284 028 972
190 00 Prague 9 fax: +420 284 028 951
Czech Republic http//www.suse.cz
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic