Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!harpo!seismo!hao!hplabs!sri-unix!edhall@Rand-Unix.ARPA
From: edhall@Rand-Unix.ARPA
Newsgroups: net.unix-wizards
Subject: Re: UNIX "ld" command -- public libraries and security
Message-ID: <12175@sri-arpa.UUCP>
Date: Tue, 10-Apr-84 20:36:00 EST
Article-I.D.: sri-arpa.12175
Posted: Tue Apr 10 20:36:00 1984
Date-Received: Sun, 15-Apr-84 09:09:19 EST
Lines: 23

From: Ed_Hall

The order that library directories are searched under 4.1 UNIX is:

    /usr/lib/
    /lib/
    /usr/local/lib/

If a given library is found in a given directory, subsequent
directories will *not* be searched for that library. Thus there
is no way for a publicly-provided library to overcome system
security unless a system library required from /usr/lib/ or
/lib/ is missing.

I must strongly advise against making /usr/local/ itself writable,
as this is in many people's path list for executables and thus
provides a perfect place for spoof command security attacks. But
/usr/local/lib/ should be OK as long as no one has it in their
search paths and no program incorporating a library there is made
publicly available without checking both the program and the
library for Trojan Horses.

		-Ed Hall, Rand Corp.
		edhall@rand-unix.ARPA
		decvax!randvax!edhall.UUCP
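
Added example, not part of the original post: a Python sketch of the first-match search described above, plus an audit that lists every library whose winning copy comes from a group- or world-writable directory (the "system library is missing" case). The function names, the temporary directory tree and the `lib<name>.a` archive naming for `-l<name>` are assumptions of this example; the directory order is the one given in the post.

```python
import os, stat, tempfile

def resolve(name, search_dirs):
    """First directory holding lib<name>.a wins; later ones are never consulted."""
    for d in search_dirs:
        if os.path.isfile(os.path.join(d, f"lib{name}.a")):
            return d
    return None

def loosely_writable(path):
    """True if the directory is group- or world-writable."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))

def audit(search_dirs):
    """List (archive, directory) pairs where the copy the linker would pick
    lives in a loosely writable directory, i.e. no earlier directory has it."""
    seen, findings = set(), []
    for d in search_dirs:
        if not os.path.isdir(d):
            continue
        risky = loosely_writable(d)
        for fname in sorted(os.listdir(d)):
            if not (fname.startswith("lib") and fname.endswith(".a")):
                continue
            if fname in seen:      # shadowed by an earlier directory
                continue
            seen.add(fname)
            if risky:
                findings.append((fname, d))
    return findings

def build_demo_tree():
    """Constructed sample tree mirroring the post's order under a temp root."""
    root = tempfile.mkdtemp()
    dirs = [os.path.join(root, p) for p in ("usr/lib", "lib", "usr/local/lib")]
    for d, mode in zip(dirs, (0o755, 0o755, 0o777)):
        os.makedirs(d)
        os.chmod(d, mode)          # explicit, so the umask does not matter
    for d, fname in ((dirs[0], "libc.a"), (dirs[2], "libc.a"), (dirs[2], "libplot.a")):
        open(os.path.join(d, fname), "w").close()
    return dirs

if __name__ == "__main__":
    dirs = build_demo_tree()
    print("libc.a resolves from", resolve("c", dirs))
    for fname, d in audit(dirs):
        print(f"{fname} resolves from loosely writable {d}")
```

In the constructed tree the public copy of libc.a is shadowed by the system copy and is not reported; libplot.a exists only in the writable directory, so it is the one finding.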