On Mon, Jul 26, 1999, Nate Williams wrote: > > > LD_LIBRARY_PATH, LD_PRELOAD and LD_DEBUG are ignored for setuid > > > executables > > > in FreeBSD. > > > > But the point being made is that they are not ignored for executables > > which have no read access. And from there, read access can be gained, > > because at that point, you have code running in the process's address > > space. > > That's right. In other words, there really is no way of protecting > executable files from being read if someone is motivated enough. > > And, in an open-source OS like FreeBSD, it's not a viable solution in > any case....
The only option, as I've mentined previously in this thread, that I can think of, would be to have an option when building various linker code to disable searching in $LD_LIBRARY_PATH if the library being looked for is in the standard library paths. -- |Chris Costello <[email protected]> |Is reading in the bathroom considered Multi-Tasking? `---------------------------------------------------- To Unsubscribe: send mail to [email protected] with "unsubscribe freebsd-hackers" in the body of the message
