Bugtraq mailing list archives

Re: Another ld-linux.so problem

From: carson () tla org (carson () tla org)
Date: Sat, 7 Feb 1998 20:02:31 -0500

"Solar" == Solar Designer <solar () FALSE COM> writes:


Solar> Is there a reason for this limited LD_PRELOAD support for setuid binaries,
Solar> does something depend on it? It looks like this was done intentionally...

Yes. SOCKSifying stupid protocols that require binding ports <1024, for
example. Assuming you install libsocks5_sh.so in /usr/lib, you can do:

$ (export LD_PRELOAD=/usr/lib/libsocks5_sh.so; rsh machine.outside.firewall
pwd)

and have it work. This is basically what the runsocks script does.

--
Carson Gaspar -- carson () cs columbia edu carson () tla org carson () cugc org
http://www.cs.columbia.edu/~carson/home.html
Queen Trapped in a Butch Body

Current thread:

Re: Windows 95 Serv-U FTP bug, (continued)
- - Re: Windows 95 Serv-U FTP bug Alan Thew (Feb 06)
  - SMB signing NT chall / response Mudgenski Von Splat (Feb 06)
  - L0pht Advisory - NT port binding vulnerability Weld Pond (Feb 06)
  - An update on MS private key (in)security issues Aleph One (Feb 06)
  - Another ld-linux.so problem Solar Designer (Feb 06)
    - CERT Advisory CA-98.04 - NT.WebServers Phillip R. Jaenke (Feb 06)
    - Re: CERT Advisory CA-98.04 - NT.WebServers David LeBlanc (Feb 06)
    - serious security hole in KDE Beta 3 Tudor Bosman (Feb 06)
    - Re: Another ld-linux.so problem joost witteveen (Feb 07)
    - Re: Another ld-linux.so problem Solar Designer (Feb 07)
    - Re: Another ld-linux.so problem carson () tla org (Feb 07)
    - Re: Another ld-linux.so problem Aleph One (Feb 08)
    - www-sql cgi prog overrides .htaccess restrictions. Mr LEROY christophe (Feb 09)
    - Re: www-sql cgi prog overrides .htaccess restrictions. Stunt Pope (Feb 09)
    - SNI-24: IDS Vulnerabilities Secure Networks Inc. (Feb 09)
    - AIX/Gradient iFOR/LS bug: follows symlinks Joerg Schumacher (Feb 09)
    - Re: AIX/Gradient iFOR/LS bug: follows symlinks Troy A. Bollinger (Feb 09)
    - CFP - Recent Advances in Intrusion Detection (RAID'98) Marc Dacier (Feb 10)
    - IBM-ERS Security Vulnerability Alert: IBM AIX: Insecure temporary ibm-ers () ERS IBM COM (Feb 10)
    - Re: Another ld-linux.so problem Roman Drahtmueller (Feb 08)
    - ld confusion Aleph One (Feb 10)

(Thread continues...)