[gmx-developers] [Patch, Security] Do not allow empty elements in LD_LIBRARY_PATH

Klaus Kaempf kkaempf at suse.de
Thu Oct 7 11:35:01 CEST 2010


Hi,

the following file set LD_LIBRARY_PATH in a way that allows empty
elements which means the current directory is included:

/usr/bin/GMXRC.bash
/usr/bin/GMXRC.csh
/usr/bin/GMXRC.zsh

This is a security risk, allowing any user to inject his own libraries.

Patch attached.

Klaus
---
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Do-not-set-LD_LIBRARY_PATH-in-a-way-that-allows-empt.patch
Type: text/x-patch
Size: 2131 bytes
Desc: not available
URL: <http://maillist.sys.kth.se/pipermail/gromacs.org_gmx-developers/attachments/20101007/411d8a58/attachment.bin>


More information about the gromacs.org_gmx-developers mailing list