Xref: utzoo alt.security:1878 comp.windows.x:31253 Path: utzoo!utgpu!cs.utexas.edu!uwm.edu!lll-winken!gauss.llnl.gov!casey From: casey@gauss.llnl.gov (Casey Leedom) Newsgroups: alt.security,comp.windows.x Subject: Re: Suns 4.1 problems with X Message-ID: <88883@lll-winken.LLNL.GOV> Date: 7 Jan 91 22:21:17 GMT References: <1991Jan2.163709.5333@ctr.columbia.edu> <1529@carol.fwi.uva.nl> <1532@carol.fwi.uva.nl> <1991Jan6.190603.27364@eua.ericsson.se> Sender: usenet@lll-winken.LLNL.GOV Reply-To: casey@gauss.llnl.gov (Casey Leedom) Followup-To: alt.security Organization: Lawrence Livermore National Laboratory Lines: 37 Nntp-Posting-Host: gauss.llnl.gov | From: per@erix.ericsson.se (Per Hedeland) | | IMO, the X build procedure should instead use the LD_LIBRARY_PATH | environment variable, which is not (yet:-) "remembered" by the binaries - | it should be possible to incorporate this into the Makefiles with the | standard sh construct 'LD_LIBRARY_PATH= ', either for all | the linkage rules, or in the toplevel Makefile rules that cause linkage | to be done in the lower-level Makefiles. Not entirely related, but a constant complaint of mine with regard to the current SunOS shared library mechanism. Ld.so is unable to find libraries unless they're located in one of /usr/lib, /usr/5lib, or /usr/local/lib, or if you do special magic like binding absolute path names into the binary, or have users specify an LD_LIBRARY_PATH, but not for SUID/SGID binaries ... Sound pretty damn confusing and stupid? I thought you'd agree ... I would really like to see a new version of ld.so come out that used a configuration file, say /etc/ld.so.conf. Such a configuration file should specify which directories and libraries ld.so should look through for library references. It should also specify whether libraries found in specific directories and libraries could be ``trusted'' for SUID/SGID binaries. I don't want to get rid of LD_LIBRARY_PATH, but I do want any library found via LD_LIBRARY_PATH to be automatically untrustworthy unless it comes from a directory or library marked as trustworthy in the ld.so configuration file. Unfortunately, I've found Sun to be very unresponsive to users for the last couple of years. Basically I feel like I'm talking to a brick wall. (Witness for instance Sun's response to the tremendous hatred of their type 4 keyboard and their refusal to offer an ``engineering layout'' alternative.) In my view, Sun has completely adopted a Big Company attitude and desperately needs some competition ... I can only hope that companies like Solbourne can offer that competition both in hardware and software. Casey