mirror of https://github.com/mkerrisk/man-pages
Consistent use of "set-user-ID" and "set-group-ID".
This commit is contained in:
parent
da2d9dad4e
commit
880f5b4bc3
12
Changes
12
Changes
|
@ -8,14 +8,18 @@ Contributors
|
||||||
The following people contributed notes, ideas, or patches that have
|
The following people contributed notes, ideas, or patches that have
|
||||||
been incorporated in changes in this release:
|
been incorporated in changes in this release:
|
||||||
|
|
||||||
### Andries Brouwer <Andries.Brouwer@cwi.nl>
|
Andries Brouwer <Andries.Brouwer@cwi.nl>
|
||||||
### Joey (Martin) Schulze <joey@infodrom.org>
|
### Joey (Martin) Schulze <joey@infodrom.org>
|
||||||
|
Mike Frysinger <vapier@gentoo.org>
|
||||||
|
|
||||||
Apologies if I missed anyone!
|
Apologies if I missed anyone!
|
||||||
|
|
||||||
Global changes
|
Global changes
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
|
The terms "set-user-ID" and "set-group-ID" are now used consistently
|
||||||
|
(no abbreviations) accorss all manual pages.
|
||||||
|
|
||||||
Typographical or grammatical errors have been corrected in several
|
Typographical or grammatical errors have been corrected in several
|
||||||
places.
|
places.
|
||||||
|
|
||||||
|
@ -27,3 +31,9 @@ New pages
|
||||||
|
|
||||||
Changes to individual pages
|
Changes to individual pages
|
||||||
---------------------------
|
---------------------------
|
||||||
|
|
||||||
|
stat.2
|
||||||
|
Mike Frysinger
|
||||||
|
Improve description of st_dev and st_rdev.
|
||||||
|
mtk
|
||||||
|
Various wording and formatting improvements.
|
||||||
|
|
12
man1/chmod.1
12
man1/chmod.1
|
@ -56,8 +56,8 @@ sticky bit (t), the permissions that the user
|
||||||
who owns the file currently has for it (u), the permissions that other
|
who owns the file currently has for it (u), the permissions that other
|
||||||
users in the file's group have for it (g), and the permissions that
|
users in the file's group have for it (g), and the permissions that
|
||||||
other users not in the file's group have for it (o).
|
other users not in the file's group have for it (o).
|
||||||
(Thus, `chmod g\-s file' removes the set-group-ID (sgid) bit,
|
(Thus, `chmod g\-s file' removes the set-group-ID bit,
|
||||||
\&`chmod ug+s file' sets both the suid and sgid bits, while
|
\&`chmod ug+s file' sets both the set-user-ID and set-group-ID bits, while
|
||||||
\&`chmod o+s file' does nothing.)
|
\&`chmod o+s file' does nothing.)
|
||||||
.PP
|
.PP
|
||||||
The name of the `sticky bit' derives from the original meaning:
|
The name of the `sticky bit' derives from the original meaning:
|
||||||
|
@ -133,7 +133,7 @@ usual meaning.
|
||||||
POSIX 1003.2 only requires the \-R option. Use of other options
|
POSIX 1003.2 only requires the \-R option. Use of other options
|
||||||
may not be portable. This standard does not describe the 't' permission
|
may not be portable. This standard does not describe the 't' permission
|
||||||
bit. This standard does not specify whether \fBchmod\fP must preserve
|
bit. This standard does not specify whether \fBchmod\fP must preserve
|
||||||
consistency by clearing or refusing to set the suid and sgid
|
consistency by clearing or refusing to set the set-user-ID and set-group-ID
|
||||||
bits, e.g., when all execute bits are cleared, or whether \fBchmod\fP
|
bits, e.g., when all execute bits are cleared, or whether \fBchmod\fP
|
||||||
honors the `s' bit at all.
|
honors the `s' bit at all.
|
||||||
.SH "NONSTANDARD MODES"
|
.SH "NONSTANDARD MODES"
|
||||||
|
@ -142,8 +142,10 @@ Various systems attach special meanings to otherwise
|
||||||
meaningless combinations of mode bits.
|
meaningless combinations of mode bits.
|
||||||
In particular, Linux, following System V (see
|
In particular, Linux, following System V (see
|
||||||
System V Interface Definition (SVID) Version 3),
|
System V Interface Definition (SVID) Version 3),
|
||||||
lets the sgid bit for files without group execute permission
|
uses the combination of having the set-group-ID bit enabled
|
||||||
mark the file for mandatory locking. For more details, see
|
while group execute bit is disabled to mean that
|
||||||
|
mandatory locking is enabled for the file.
|
||||||
|
For more details, see
|
||||||
the file
|
the file
|
||||||
.IR /usr/src/linux/Documentation/mandatory.txt .
|
.IR /usr/src/linux/Documentation/mandatory.txt .
|
||||||
.SH NOTES
|
.SH NOTES
|
||||||
|
|
|
@ -86,10 +86,10 @@ Only copy upon an affirmative answer.)
|
||||||
.TP
|
.TP
|
||||||
.B \-p
|
.B \-p
|
||||||
Preserve the original files' owner, group, permissions
|
Preserve the original files' owner, group, permissions
|
||||||
(including the setuid and setgid bits), time of last modification
|
(including the set-user-ID and set-group-ID bits), time of last modification
|
||||||
and time of last access.
|
and time of last access.
|
||||||
In case duplication of owner or group fails, the setuid and setgid
|
In case duplication of owner or group fails,
|
||||||
bits are cleared.
|
the set-user-ID and set-group-ID bits are cleared.
|
||||||
(Note that afterwards source and copy may well have different
|
(Note that afterwards source and copy may well have different
|
||||||
times of last access, since the copy operation is an access
|
times of last access, since the copy operation is an access
|
||||||
to the source file.)
|
to the source file.)
|
||||||
|
|
|
@ -222,12 +222,12 @@ combines multiple bits into the third character of each set of permissions
|
||||||
.RS
|
.RS
|
||||||
.TP
|
.TP
|
||||||
.B s
|
.B s
|
||||||
If the setuid or setgid bit and the corresponding executable bit are
|
If the set-user-ID or set-group-ID bit and the corresponding
|
||||||
both set.
|
executable bit are both set.
|
||||||
.TP
|
.TP
|
||||||
.B S
|
.B S
|
||||||
If the setuid or setgid bit is set but the corresponding executable bit
|
If the set-user-ID or set-group-ID bit is set
|
||||||
is not set.
|
but the corresponding executable bit is not set.
|
||||||
.TP
|
.TP
|
||||||
.B t
|
.B t
|
||||||
If the sticky bit and the other-executable bit are both set.
|
If the sticky bit and the other-executable bit are both set.
|
||||||
|
|
|
@ -56,8 +56,9 @@ When they are on different filesystems, the source file is copied
|
||||||
and then deleted.
|
and then deleted.
|
||||||
.B mv
|
.B mv
|
||||||
will copy modification time, access time, user and group ID, and mode
|
will copy modification time, access time, user and group ID, and mode
|
||||||
if possible. When copying user and/or group ID fails, the setuid and
|
if possible.
|
||||||
setgid bits are cleared in the copy.
|
When copying user and/or group ID fails, the set-user-ID and
|
||||||
|
set-group-ID bits are cleared in the copy.
|
||||||
.SH "POSIX OPTIONS"
|
.SH "POSIX OPTIONS"
|
||||||
.TP
|
.TP
|
||||||
.B "\-f"
|
.B "\-f"
|
||||||
|
|
|
@ -77,7 +77,8 @@ links encountered on the way.
|
||||||
The check is done with the process's
|
The check is done with the process's
|
||||||
.I real
|
.I real
|
||||||
UID and GID, rather than with the effective IDs as is done when
|
UID and GID, rather than with the effective IDs as is done when
|
||||||
actually attempting an operation. This is to allow set-UID programs to
|
actually attempting an operation.
|
||||||
|
This is to allow set-user-ID programs to
|
||||||
easily determine the invoking user's authority.
|
easily determine the invoking user's authority.
|
||||||
|
|
||||||
Only access bits are checked, not the file type or contents. Therefore, if
|
Only access bits are checked, not the file type or contents. Therefore, if
|
||||||
|
|
|
@ -64,10 +64,10 @@ The SIGCHLD signal (when set to SIG_IGN) may or may not be reset to SIG_DFL.
|
||||||
If the current program is being ptraced, a \fBSIGTRAP\fP is sent to it
|
If the current program is being ptraced, a \fBSIGTRAP\fP is sent to it
|
||||||
after a successful \fBexecve()\fP.
|
after a successful \fBexecve()\fP.
|
||||||
|
|
||||||
If the set-uid bit is set on the program file pointed to by
|
If the set-user-ID bit is set on the program file pointed to by
|
||||||
\fIfilename\fP, and the calling process is not being ptraced,
|
\fIfilename\fP, and the calling process is not being ptraced,
|
||||||
then the effective user ID of the calling process is changed
|
then the effective user ID of the calling process is changed
|
||||||
to that of the owner of the program file. Similarly, when the set-gid
|
to that of the owner of the program file. Similarly, when the set-group-ID
|
||||||
bit of the program file is set the effective group ID of the calling
|
bit of the program file is set the effective group ID of the calling
|
||||||
process is set to the group of the program file.
|
process is set to the group of the program file.
|
||||||
|
|
||||||
|
|
|
@ -335,7 +335,7 @@ To make use of mandatory locks, mandatory locking must be enabled
|
||||||
.BR mount (8))
|
.BR mount (8))
|
||||||
for the file system containing the
|
for the file system containing the
|
||||||
file to be locked and enabled on the file itself (by disabling
|
file to be locked and enabled on the file itself (by disabling
|
||||||
group execute permission on the file and enabling the set-GID
|
group execute permission on the file and enabling the set-group-ID
|
||||||
permission bit).
|
permission bit).
|
||||||
|
|
||||||
Advisory locks are not enforced and are useful only between
|
Advisory locks are not enforced and are useful only between
|
||||||
|
|
12
man2/mount.2
12
man2/mount.2
|
@ -138,10 +138,10 @@ Do not allow programs to be executed from this file system.
|
||||||
.\" users cannot execute files uploaded using ftp or so.)
|
.\" users cannot execute files uploaded using ftp or so.)
|
||||||
.TP
|
.TP
|
||||||
.B MS_NOSUID
|
.B MS_NOSUID
|
||||||
Do not honour set-UID and set-GID bits when executing
|
Do not honour set-user-ID and set-group-ID bits when executing
|
||||||
programs from this file system.
|
programs from this file system.
|
||||||
.\" (This is a security feature to prevent users executing set-UID and
|
.\" (This is a security feature to prevent users executing set-user-ID and
|
||||||
.\" set-GID programs from removable disk devices.)
|
.\" set-group-ID programs from removable disk devices.)
|
||||||
.TP
|
.TP
|
||||||
.B MS_RDONLY
|
.B MS_RDONLY
|
||||||
Mount file system read-only.
|
Mount file system read-only.
|
||||||
|
@ -348,13 +348,13 @@ in more than one place, so specifying the device does not suffice).
|
||||||
The original MS_SYNC flag was renamed MS_SYNCHRONOUS in 1.1.69
|
The original MS_SYNC flag was renamed MS_SYNCHRONOUS in 1.1.69
|
||||||
when a different MS_SYNC was added to <mman.h>.
|
when a different MS_SYNC was added to <mman.h>.
|
||||||
.LP
|
.LP
|
||||||
Before Linux 2.4 an attempt to execute a set-UID or set-GID program
|
Before Linux 2.4 an attempt to execute a set-user-ID or set-group-ID program
|
||||||
on a filesystem mounted with
|
on a filesystem mounted with
|
||||||
.B MS_NOSUID
|
.B MS_NOSUID
|
||||||
would fail with
|
would fail with
|
||||||
.BR EPERM .
|
.BR EPERM .
|
||||||
Since Linux 2.4 the set-UID and set-GID bits are just silently ignored
|
Since Linux 2.4 the set-user-ID and set-group-ID bits are
|
||||||
in this case.
|
just silently ignored in this case.
|
||||||
.\" The change is in patch-2.4.0-prerelease.
|
.\" The change is in patch-2.4.0-prerelease.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
.BR path_resolution (2),
|
.BR path_resolution (2),
|
||||||
|
|
|
@ -64,8 +64,8 @@ Set the state of the flag determining whether core dumps are produced
|
||||||
for this process upon delivery of a signal whose default behaviour is
|
for this process upon delivery of a signal whose default behaviour is
|
||||||
to produce a core dump.
|
to produce a core dump.
|
||||||
(Normally this flag is set for a process by default, but it is cleared
|
(Normally this flag is set for a process by default, but it is cleared
|
||||||
when a set-UID or set-GID program is executed and also by various system
|
when a set-user-ID or set-group-ID program is executed and also by
|
||||||
calls that manipulate process UIDs and GIDs).
|
various system calls that manipulate process UIDs and GIDs).
|
||||||
.I arg2
|
.I arg2
|
||||||
must be either 0 (process is not dumpable) or 1 (process is dumpable).
|
must be either 0 (process is not dumpable) or 1 (process is dumpable).
|
||||||
.TP
|
.TP
|
||||||
|
|
|
@ -248,8 +248,9 @@ The specified process cannot be traced. This could be because the
|
||||||
parent has insufficient privileges (the required capability is
|
parent has insufficient privileges (the required capability is
|
||||||
.BR CAP_SYS_PTRACE );
|
.BR CAP_SYS_PTRACE );
|
||||||
non-root processes cannot trace processes that they
|
non-root processes cannot trace processes that they
|
||||||
cannot send signals to or those running setuid/setgid programs, for obvious
|
cannot send signals to or those running set-user-ID/set-group-ID programs,
|
||||||
reasons. Alternatively, the process may already be being traced, or be
|
for obvious reasons.
|
||||||
|
Alternatively, the process may already be being traced, or be
|
||||||
.BR init
|
.BR init
|
||||||
(pid 1).
|
(pid 1).
|
||||||
.TP
|
.TP
|
||||||
|
|
|
@ -41,7 +41,8 @@ superuser, the real and saved group ID's are also set.
|
||||||
Under Linux,
|
Under Linux,
|
||||||
.B setgid
|
.B setgid
|
||||||
is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.
|
is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.
|
||||||
This allows a setgid program that is not suid root to drop all of its group
|
This allows a set-group-ID program that is not set-user-ID-root root
|
||||||
|
to drop all of its group
|
||||||
privileges, do some un-privileged work, and then re-engage the original
|
privileges, do some un-privileged work, and then re-engage the original
|
||||||
effective group ID in a secure manner.
|
effective group ID in a secure manner.
|
||||||
.SH "RETURN VALUE"
|
.SH "RETURN VALUE"
|
||||||
|
|
|
@ -43,11 +43,11 @@ the real and saved user ID's are also set.
|
||||||
Under Linux,
|
Under Linux,
|
||||||
.B setuid
|
.B setuid
|
||||||
is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.
|
is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.
|
||||||
This allows a setuid (other than root) program to drop all of its user
|
This allows a set-user-ID (other than root) program to drop all of its user
|
||||||
privileges, do some un-privileged work, and then re-engage the original
|
privileges, do some un-privileged work, and then re-engage the original
|
||||||
effective user ID in a secure manner.
|
effective user ID in a secure manner.
|
||||||
.PP
|
.PP
|
||||||
If the user is root or the program is setuid root, special care must be
|
If the user is root or the program is set-user-ID-root, special care must be
|
||||||
taken. The
|
taken. The
|
||||||
.B setuid
|
.B setuid
|
||||||
function checks the effective user ID of the caller and if it is
|
function checks the effective user ID of the caller and if it is
|
||||||
|
@ -56,7 +56,7 @@ the superuser, all process related user ID's are set to
|
||||||
After this has occurred, it is impossible for the program to regain root
|
After this has occurred, it is impossible for the program to regain root
|
||||||
privileges.
|
privileges.
|
||||||
.PP
|
.PP
|
||||||
Thus, a setuid-root program wishing to temporarily drop root
|
Thus, a set-user-ID-root program wishing to temporarily drop root
|
||||||
privileges, assume the identity of a non-root user, and then regain
|
privileges, assume the identity of a non-root user, and then regain
|
||||||
root privileges afterwards cannot use
|
root privileges afterwards cannot use
|
||||||
.BR setuid .
|
.BR setuid .
|
||||||
|
|
|
@ -80,7 +80,7 @@ Bits defined by POSIX are
|
||||||
Read-only file system.
|
Read-only file system.
|
||||||
.TP
|
.TP
|
||||||
.B ST_NOSUID
|
.B ST_NOSUID
|
||||||
Setuid/setgid bits are ignored by
|
Set-user-ID/set-group-ID bits are ignored by
|
||||||
.BR exec (2).
|
.BR exec (2).
|
||||||
.LP
|
.LP
|
||||||
|
|
||||||
|
|
|
@ -69,7 +69,8 @@ the extended part reads as zero bytes.
|
||||||
The file pointer is not changed.
|
The file pointer is not changed.
|
||||||
.LP
|
.LP
|
||||||
If the size changed, then the ctime and mtime fields for the file
|
If the size changed, then the ctime and mtime fields for the file
|
||||||
are updated, and suid and sgid mode bits may be cleared.
|
are updated,
|
||||||
|
and set-user-ID and set-group-ID permission bits may be cleared.
|
||||||
.LP
|
.LP
|
||||||
With
|
With
|
||||||
.BR ftruncate ,
|
.BR ftruncate ,
|
||||||
|
|
|
@ -88,8 +88,8 @@ If the environment variable
|
||||||
.BR LD_LIBRARY_PATH
|
.BR LD_LIBRARY_PATH
|
||||||
is defined to contain a colon-separated list of directories,
|
is defined to contain a colon-separated list of directories,
|
||||||
then these are searched.
|
then these are searched.
|
||||||
(As a security measure this variable is ignored for set-UID and
|
(As a security measure this variable is ignored for set-user-ID and
|
||||||
set-GID programs.)
|
set-group-ID programs.)
|
||||||
.IP o
|
.IP o
|
||||||
(ELF only) If the executable file for the calling program
|
(ELF only) If the executable file for the calling program
|
||||||
contains a DT_RUNPATH tag, then the directories listed in that tag
|
contains a DT_RUNPATH tag, then the directories listed in that tag
|
||||||
|
|
|
@ -64,7 +64,7 @@ declared in \fBstdio.h\fP.
|
||||||
.PP
|
.PP
|
||||||
These functions let your program identify positively the user who is
|
These functions let your program identify positively the user who is
|
||||||
running (\fBcuserid\fP) or the user who logged in this session
|
running (\fBcuserid\fP) or the user who logged in this session
|
||||||
(\fBgetlogin\fP). (These can differ when setuid programs are
|
(\fBgetlogin\fP). (These can differ when set-user-ID programs are
|
||||||
involved.)
|
involved.)
|
||||||
.PP
|
.PP
|
||||||
For most purposes, it is more useful to use the environment variable
|
For most purposes, it is more useful to use the environment variable
|
||||||
|
|
|
@ -50,7 +50,7 @@ POSIX 1003.1-2001
|
||||||
.SH NOTES
|
.SH NOTES
|
||||||
This is part of the Unix98 pty support, see
|
This is part of the Unix98 pty support, see
|
||||||
.BR pts (4).
|
.BR pts (4).
|
||||||
Many systems implement this function via a setuid helper binary
|
Many systems implement this function via a set-user-ID helper binary
|
||||||
called "pt_chown". With Linux devpts no such helper binary is required.
|
called "pt_chown". With Linux devpts no such helper binary is required.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
.BR open (2),
|
.BR open (2),
|
||||||
|
|
|
@ -103,7 +103,7 @@ to check the exit status of the child. E.g.
|
||||||
.PP
|
.PP
|
||||||
Do not use
|
Do not use
|
||||||
.BR system ()
|
.BR system ()
|
||||||
from a program with set-UID or set-GID privileges,
|
from a program with set-user-ID or set-group-ID privileges,
|
||||||
because strange values for some environment variables
|
because strange values for some environment variables
|
||||||
might be used to subvert system integrity.
|
might be used to subvert system integrity.
|
||||||
Use the
|
Use the
|
||||||
|
@ -113,8 +113,8 @@ family of functions instead, but not
|
||||||
or
|
or
|
||||||
.BR execvp (3).
|
.BR execvp (3).
|
||||||
.BR system ()
|
.BR system ()
|
||||||
will not, in fact, work properly from programs with set-UID or set-GID
|
will not, in fact, work properly from programs with set-user-ID or
|
||||||
privileges on systems on which
|
set-group-ID privileges on systems on which
|
||||||
.I /bin/sh
|
.I /bin/sh
|
||||||
is bash version 2, since bash 2 drops privileges on startup.
|
is bash version 2, since bash 2 drops privileges on startup.
|
||||||
(Debian uses a modified bash which does not do this when invoked as
|
(Debian uses a modified bash which does not do this when invoked as
|
||||||
|
|
|
@ -67,7 +67,7 @@ Allocation of storage failed.
|
||||||
.LP
|
.LP
|
||||||
.SH NOTES
|
.SH NOTES
|
||||||
SUSv2 does not mention the use of TMPDIR; glibc will use it only
|
SUSv2 does not mention the use of TMPDIR; glibc will use it only
|
||||||
when the program is not suid.
|
when the program is not set-user-ID.
|
||||||
SVID2 specifies that the directory used under (iv) is
|
SVID2 specifies that the directory used under (iv) is
|
||||||
.IR /tmp .
|
.IR /tmp .
|
||||||
SVID2 specifies that the string returned by
|
SVID2 specifies that the string returned by
|
||||||
|
|
|
@ -272,7 +272,7 @@ the capabilities that the process may assume
|
||||||
(i.e., a limiting superset for the effective and inheritable sets).
|
(i.e., a limiting superset for the effective and inheritable sets).
|
||||||
If a process drops a capability from its permitted set,
|
If a process drops a capability from its permitted set,
|
||||||
it can never re-acquire that capability (unless it execs a
|
it can never re-acquire that capability (unless it execs a
|
||||||
set-UID-root program).
|
set-user-ID-root program).
|
||||||
.TP
|
.TP
|
||||||
.IR inheritable :
|
.IR inheritable :
|
||||||
the capabilities preserved across an
|
the capabilities preserved across an
|
||||||
|
@ -281,7 +281,7 @@ the capabilities preserved across an
|
||||||
In the current implementation, a process is granted all permitted and
|
In the current implementation, a process is granted all permitted and
|
||||||
effective capabilities (subject to the operation of the
|
effective capabilities (subject to the operation of the
|
||||||
capability bounding set described below)
|
capability bounding set described below)
|
||||||
when it execs a set-UID-root program,
|
when it execs a set-user-ID-root program,
|
||||||
or if a process with a real UID of zero execs a new program.
|
or if a process with a real UID of zero execs a new program.
|
||||||
.PP
|
.PP
|
||||||
A child created via
|
A child created via
|
||||||
|
@ -360,12 +360,12 @@ support file capability sets, during an exec:
|
||||||
.IP 1. 4
|
.IP 1. 4
|
||||||
All three file capability sets are initially assumed to be cleared.
|
All three file capability sets are initially assumed to be cleared.
|
||||||
.IP 2. 4
|
.IP 2. 4
|
||||||
If a set-UID-root program is being execed,
|
If a set-user-ID-root program is being execed,
|
||||||
or the real user ID of the process is 0 (root)
|
or the real user ID of the process is 0 (root)
|
||||||
then the file allowed and forced sets are defined to be all ones
|
then the file allowed and forced sets are defined to be all ones
|
||||||
(i.e., all capabilities set).
|
(i.e., all capabilities set).
|
||||||
.IP 3. 4
|
.IP 3. 4
|
||||||
If a set-UID-root program is being executed,
|
If a set-user-ID-root program is being executed,
|
||||||
then the file effective set is defined to be all ones.
|
then the file effective set is defined to be all ones.
|
||||||
.PP
|
.PP
|
||||||
During an exec, the kernel calculates the new capabilities of
|
During an exec, the kernel calculates the new capabilities of
|
||||||
|
|
|
@ -191,7 +191,7 @@ However, the resulting process has the same PID as the thread that called
|
||||||
it should have the same PID as the main thread.
|
it should have the same PID as the main thread.
|
||||||
.IP \- 3
|
.IP \- 3
|
||||||
Threads do not share user and group IDs.
|
Threads do not share user and group IDs.
|
||||||
This can cause complications with set-UID programs and
|
This can cause complications with set-user-ID programs and
|
||||||
can cause failures in Pthreads functions if an application
|
can cause failures in Pthreads functions if an application
|
||||||
changes its credentials using
|
changes its credentials using
|
||||||
.BR seteuid (2)
|
.BR seteuid (2)
|
||||||
|
|
15
man8/ld.so.8
15
man8/ld.so.8
|
@ -39,8 +39,8 @@ Use of DT_RPATH is deprecated.
|
||||||
.IP o
|
.IP o
|
||||||
Using the environment variable
|
Using the environment variable
|
||||||
.BR LD_LIBRARY_PATH .
|
.BR LD_LIBRARY_PATH .
|
||||||
Except if the executable is a setuid/setgid binary, in which case it
|
Except if the executable is a set-user-ID/set-group-ID binary,
|
||||||
is ignored.
|
in which case it is ignored.
|
||||||
.IP o
|
.IP o
|
||||||
(ELF only) Using the DT_RUNPATH dynamic section attribute
|
(ELF only) Using the DT_RUNPATH dynamic section attribute
|
||||||
of the binary if present.
|
of the binary if present.
|
||||||
|
@ -103,8 +103,9 @@ environment variable.
|
||||||
A whitespace-separated list of additional, user-specified, ELF shared
|
A whitespace-separated list of additional, user-specified, ELF shared
|
||||||
libraries to be loaded before all others.
|
libraries to be loaded before all others.
|
||||||
This can be used to selectively override functions in other shared libraries.
|
This can be used to selectively override functions in other shared libraries.
|
||||||
For setuid/setgid ELF binaries, only libraries in the standard search
|
For set-user-ID/set-group-ID ELF binaries,
|
||||||
directories that are also setuid will be loaded.
|
only libraries in the standard search
|
||||||
|
directories that are also set-user-ID will be loaded.
|
||||||
.TP
|
.TP
|
||||||
.B LD_BIND_NOW
|
.B LD_BIND_NOW
|
||||||
(libc5; glibc since 2.1.1)
|
(libc5; glibc since 2.1.1)
|
||||||
|
@ -152,7 +153,7 @@ environment variable.
|
||||||
File where
|
File where
|
||||||
.B LD_DEBUG
|
.B LD_DEBUG
|
||||||
output should be fed into, default is standard output.
|
output should be fed into, default is standard output.
|
||||||
LD_DEBUG_OUTPUT is ignored for setuid/setgid binaries.
|
LD_DEBUG_OUTPUT is ignored for set-user-ID/set-group-ID binaries.
|
||||||
.TP
|
.TP
|
||||||
.B LD_VERBOSE
|
.B LD_VERBOSE
|
||||||
(glibc since 2.1)
|
(glibc since 2.1)
|
||||||
|
@ -174,7 +175,7 @@ Shared object to be profiled.
|
||||||
File where
|
File where
|
||||||
.B LD_PROFILE
|
.B LD_PROFILE
|
||||||
output should be stored, default is standard output.
|
output should be stored, default is standard output.
|
||||||
LD_DEBUG_OUTPUT is ignored for setuid/setgid binaries.
|
LD_DEBUG_OUTPUT is ignored for set-user-ID/set-group-ID binaries.
|
||||||
.TP
|
.TP
|
||||||
.B LD_AOUT_LIBRARY_PATH
|
.B LD_AOUT_LIBRARY_PATH
|
||||||
(libc5)
|
(libc5)
|
||||||
|
@ -196,7 +197,7 @@ Mask for hardware capabilities.
|
||||||
.TP
|
.TP
|
||||||
.B LD_ORIGIN_PATH
|
.B LD_ORIGIN_PATH
|
||||||
(glibc since 2.1)
|
(glibc since 2.1)
|
||||||
Path where the binary is found (for non-setuid programs).
|
Path where the binary is found (for non-set-user-ID programs).
|
||||||
.TP
|
.TP
|
||||||
.B LD_DYNAMIC_WEAK
|
.B LD_DYNAMIC_WEAK
|
||||||
(glibc since 2.1.91)
|
(glibc since 2.1.91)
|
||||||
|
|
Loading…
Reference in New Issue