dyld: DYLD_ environment variables being ignored because main executable (/usr/bin/sudo) is setuid or setgid
Rodolfo Aramayo
raramayo at gmail.com
Fri May 17 12:39:36 PDT 2013
On Fri, May 17, 2013 at 1:42 PM, Lawrence Velázquez <larryv at macports.org>wrote:
> On May 17, 2013, at 2:20 PM, Rodolfo Aramayo <raramayo at gmail.com> wrote:
>
> > Yes!
> > to a file in: /usr/local and when I run the commands there I found:
> > ./bashrc:export LD_LIBRARY_PATH=/usr/local/bioinfosoft/genometools/lib
>
> Be aware that, as a rule, we do not support having other software
> installed in /usr/local.
>
> https://trac.macports.org/wiki/FAQ#usrlocal
>
>
I am aware of that
Nothing is installed there should interfere
> > So now I understand it. It is in fact a security check that prevents
> sourcing and therefore activation of potentially malicious code
> > If the code:
> > export LD_LIBRARY_PATH=/usr/local/bioinfosoft/genometools/lib
> > is inside the .bashrc file, then there is no problem, but if it is
> present in another file being sourced, then there is a warning because that
> code is not being read
> > Is this correct?
>
> No. The warning has nothing to do with bash. The issue is the existence of
> LD_LIBRARY_PATH or DYLD_LIBRARY_PATH; dyld removes those variables from its
> environment to prevent setuid/setgid executables from loading arbitrary
> dylibs. How those variables got into the environment is completely
> irrelevant.
>
>
You say
"dyld removes those variables from its environment "
what is dyld? A program? Please forgive my ignorance
and why when "export
LD_LIBRARY_PATH=/usr/local/bioinfosoft/genometools/lib"
is sourced from a file located outside the 'admin' directory is a problem
whereas if it is sourced from one of the .bash* files is not?
Thanks
--R
vq
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-users/attachments/20130517/89080dec/attachment.html>
More information about the macports-users
mailing list