Re: QA needed for insecure LD_LIBRARY_PATH in many wrapper scripts

2007-11-20 Thread Vincent Danjean
Vineet Kumar wrote: > * Stefan Fritsch ([EMAIL PROTECTED]) [071116 13:03]: >> is unset. (Actually, some scripts use "${LD_LIBRARY_PATH+: >> $LD_LIBRARY_PATH}", which seems to work, too. But this is not >> documented in the bash man page, at least I can't find it.) > > The difference between ${PAR

Re: QA needed for insecure LD_LIBRARY_PATH in many wrapper scripts

2007-11-19 Thread Vineet Kumar
* Stefan Fritsch ([EMAIL PROTECTED]) [071116 13:03]: > is unset. (Actually, some scripts use "${LD_LIBRARY_PATH+: > $LD_LIBRARY_PATH}", which seems to work, too. But this is not > documented in the bash man page, at least I can't find it.) The difference between ${PARAMETER:+WORD} and ${PARAMETER

Re: QA needed for insecure LD_LIBRARY_PATH in many wrapper scripts

2007-11-16 Thread Mike Hommey
On Fri, Nov 16, 2007 at 10:01:34PM +0100, Stefan Fritsch wrote: > Hi, > > many wrapper scripts contain things like > > export LD_LIBRARY_PATH=foo:$LD_LIBRARY_PATH > > This is bad because if LD_LIBRARY_PATH is unset, it will expand to > > LD_LIBRARY_PATH=foo: > > which is interprete

QA needed for insecure LD_LIBRARY_PATH in many wrapper scripts

2007-11-16 Thread Stefan Fritsch
Hi, many wrapper scripts contain things like export LD_LIBRARY_PATH=foo:$LD_LIBRARY_PATH This is bad because if LD_LIBRARY_PATH is unset, it will expand to LD_LIBRARY_PATH=foo: which is interpreted as LD_LIBRARY_PATH=foo:. This means that the current directory