Re: LD_LIBRARY_PATH v a/xtermu
|
To |
debian newsgroup <czdebian-l zavinac debian bod cz> |
|
From |
Martin Slouf <xslom03 zavinac vse bod cz> |
|
Date |
Mon, 8 Mar 2004 14:49:09 +0100 (CET) |
hmm, vidim ze je to slozitejsi -- myslel sem, ze odpoved bude hned :),
rikal sem si, ze to pouziva rada lidi ...
jinak slo pochopitelne prave o LD_LIBRARY_PATH, jiny me nezajimaj :)
trochu sem zagoogloval a zjistil jsem, ze to trapi vicero lidi, citace
z xterm FAQ (trochu trapny -- ale doufal sem, ze odpoved bude hned,
takze sem nehledal v siti), cely problem je v tom, ze xterm je setuid
program:
- - - -
Why does $LD_LIBRARY_PATH get reset?
If xterm is running setuid (which is needed on some systems which have
no wrappers for opening pty's and updating utmp), newer systems
automatically set or reset environment variables which are considered
security problems. These include $PATH and $LD_LIBRARY_PATH, since they
affect the choice of which programs are run if not specified via a full
pathname.
This means, for example, that if you attempt to run
xterm -e foo
where foo is a program that uses shared libraries in /usr/local/lib,
then the command will fail, because /usr/local/lib is not considered part
of root's environment.
Modern Unix systems (such as recent Solaris and HPUX versions) do not
require you to run xterm setuid. Some will result in odd malfunctions
if you do this.
- - - -
takze, pokud pozmenim otazku, jak obejit tohle? jak zajistit na
debianu, abych obesel nastaveni systemu, ze xterm/aterm apod. musi byt
setuid root? copak neni Linux moderni system jako Solaris a HP-UX? :-)
RESENI: (ne uplne ciste)
------------------------
napadlo me cirou nahodou, jeste po zkusenostech ze stareho Red Hat
6.2cz a na zaklade jednoho prispevku -- namisto nastavovat LD_LIBRARY_PATH
prostredi v profilu (~/.bash_profile) to ted delam v rc (~/.bashrc) --
coz zajisti kyzeny efekt, tj. promenna se nastavi, vadi mi ale, ze to neni
to "prave" reseni.
problem cislo 2:
----------------
tusite nekdo, jak nastavit system, aby graficke terminalove programy
nemuseli byt setuid? popripade proc to na Linuxu nelze?
opet diky vsem. m.
Partial thread listing:
- Re: LD_LIBRARY_PATH v a/xtermu, (pokračuje)
ADD: Totalni vytuhnuti,
Jiří Jánský
[ANNOUNCE] GnomeMeeting 1.00 je venku,
Robert Vojta