Search Path
Todd C. Miller
Todd.Miller at courtesan.com
Tue Jan 20 12:34:22 EST 2004
In message <200401091642.i09Gg8nR030814 at xerxes.courtesan.com>
so spake "Todd C. Miller" (Todd.Miller):
> However, if you really need LD_LIBRARY_PATH, with recent versions
> of sudo you can put a line like this at the top of sudoers:
>
> Defaults env_delete-=LD_LIBRARY_PATH
Actually, that was incorrect. The correct line is:
Defaults env_delete-=LD_*
The LD_* is treated as a literal string. You almost certainly want
to make this:
Defaults env_delete-=LD_*, env_delete+=LD_PRELOAD
unless you need LD_PRELOAD too although I suppose that if you allow
LD_LIBRARY_PATH you can still do the same kind of nasty tricks.
- todd
More information about the sudo-users
mailing list