Environment Poisoning and login -p
D J Hawkey Jr
hawkeyd at visi.com
Fri Feb 27 03:31:02 PST 2004
On Feb 27, at 01:20 PM, Peter Pentchev wrote:
>
> On Fri, Feb 27, 2004 at 05:13:53AM -0600, D J Hawkey Jr wrote:
> > On Feb 26, at 03:03 PM, Tim Kientzle wrote:
> > >
> > > Andrey Chernov wrote:
> > > >On Wed, Feb 25, 2004 at 10:54:31AM -0800, Tim Kientzle wrote:
> > > >
> > > >>Possible fix: Have login unconditionally discard LD_LIBRARY_PATH
> > > >>and LD_PRELOAD from the environment, even if "-p" is specified.
> > > >
> > > >Yes! It is what I say from very beginning. It is so obvious that I wonder
> > > >why others not see it first.
> > >
> > > Instead, I've decided to follow Jacques Vidrine's
> > > suggestion of using a whitelist of environment variables
> > > that are "known-safe."
> >
> > Coming in from left field... Will there be some sort of mechanism for
> > an admin to set/modify this list?
>
> Surely you are aware of the consequences of s/admin/intruder/? :)
> Still, it might be useful indeed.
Of course I do; it would have to be a "secure" mechanism (and more
flexible than recompiling the utility). But OTOH, how can the developers
foresee all the possibilities of all the deployed systems Out There(tm)?
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd at visi.com /\________________/
http://www.visi.com/~hawkeyd/
More information about the freebsd-security
mailing list