iqbala at qwestip.net
Mon Jan 12 14:32:24 EST 2004
Asif Iqbal wrote:
> Todd C. Miller wrote:
> > Sudo clears out the LD_* variables before running a program since
> > they can be used to run arbitrary code and avoid sudo's restrictions.
> > In general, you are better off adding the library path to the dynamic
> > loader's list if your system supports it (most do these days).
> I am running Solaris 8. I guess I need to use crle to setup dynamic
> loader list. Am I correct ?
> > However, if you really need LD_LIBRARY_PATH, with recent versions
> > of sudo you can put a line like this at the top of sudoers:
> > Defaults env_delete-=LD_LIBRARY_PATH
I am having trouble with crle and hence like to try this variable. I
per your suggestion put the Defaults variable in sudoers and still not
seeing any change in the sudo's behavior. Is there way I can debug to
find out if sudo is really not deleting the LD_LIBRARY_PATH variable
Thanks a lot for your suggestion/direction
> > - todd
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
There's no place like 127.0.0.1
More information about the sudo-users