ldd around suid programs has a fine history of security holes.
One idea is for you to just not not do that.
You don't explain why you need to do this. You just completely skipped that.
You don't justify why you need it to work. Does that make me care?? No, it
really doesn't make me care.
Yoshihiro Kawamata <k...@on.rim.or.jp> wrote:
> From: Stuart Henderson <stu.li...@spacehopper.org>
> Subject: Re: ldd error with setuid/setgid binaries
> Date: Wed, 18 Oct 2023 10:00:19 -0000 (UTC)
>
> > ldd started using execpromises, and:
> >
> > /* SUID programs may not be started with execpromises */
>
> I see. thank you.
> I created and used a shell script to create a list of dynamic link
> libraries used for all commands:
>
> #!/bin/sh
> [[ -z "$1" ]] && set /
>
> find "$@" \
> \! -fstype local -prune \
> -o \
> -type f \
> \( -perm -100 -o -perm -010 -o -perm -001 \) \
> -print \
> | xargs file \
> | awk '
> BEGIN {FS=":"}
> /ELF 64-bit LSB shared object/ {print $1}' \
> | xargs ldd \
> | awk '
> /^\/.*:$/ {fname = $1; sub(/:/, "", fname)}
> $3 == "rlib" {print $7, fname}' \
> | sort
>
> But this no longer works properly on OpenBSD 4.7.
>
> How can I solve this? Please let me know if you have any good
> alternatives.
>
> ----
> Yoshihiro Kawamata
> https://fuguita.org/
>
