26 Apr
2000
26 Apr
'00
09:14
Marc Heuse wrote:
c) okay, now the tough part: libsafe is a dynamic library which is set in the environment which checks several dangerous functions, which can be a security problem. Because it is a dynamic library, it is NO protection against local attackers, just against remote attackers on network services. (if an attacker wants to attack a local suid file, he would just reset his library path environment). [...]
Correct me if I'm wrong, but I think the -rpath option take precedence over LD_LIBRARY_PATH? Is there any way around that? Cheers, -petter.