From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sun, 17 Oct 2010 13:27:26 +0400 From: "Dmitry V. Levin" To: ALT Devel discussion list Message-ID: <20101017092726.GA7358@altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <201010161658.19585.lav@altlinux.ru> <20101016131706.GA15537@altlinux.org> <201010171252.32476.lav@altlinux.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="huq684BweRXVnRxX" Content-Disposition: inline In-Reply-To: <201010171252.32476.lav@altlinux.ru> X-fingerprint: FE4C 93AB E19A 2E4C CB5D 3E4E 7CAB E6AC 9E35 361E Subject: Re: [devel] [Bug 24333] CVE-2010-3385: insecure library loading X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Oct 2010 09:27:26 -0000 Archived-At: List-Archive: List-Post: --huq684BweRXVnRxX Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 17, 2010 at 12:52:32PM +0400, Vitaly Lipatov wrote: > =F7 =D3=CF=CF=C2=DD=C5=CE=C9=C9 =CF=D4 =F3=D5=C2=C2=CF=D4=C1 16 =CF=CB=D4= =D1=C2=D2=D1 2010 Dmitry V. Levin =CE=C1=D0=C9=D3=C1=CC(a): > ... > > > =F4=C1=CB =C1 =D7=D3=A3-=D4=C1=CB=C9, =D5 =CE=C1=D3 =C5=D3=D4=D8 =DC= =D4=C1 =D0=D2=CF=C2=CC=C5=CD=C1 CVE-2010-3385, =C9=CC=C9 =CE=C5=D4? > >=20 > > =E5=D3=D4=D8, =CB=CF=CE=C5=DE=CE=CF, =C9 =D2=C5=DB=C1=D4=D8 =C5=A3 =D0= =CF =D0=D2=C5=D6=CE=C5=CD=D5 =CE=C1=C4=CF =D7 =D0=D2=C9=CC=CF=D6=C5=CE=C9= =D1=C8, =CB=CF=D4=CF=D2=D9=C5 > > =C6=CF=D2=CD=C9=D2=D5=C0=D4 LD_LIBRARY_PATH. > =E1 =D0=CF=DE=C5=CD=D5, =CB=CF=C7=C4=C1 =D7 PATH =C2=D9=CC ./ =D0=CF =D5= =CD=CF=CC=DE=C1=CE=C9=C0, =CD=D9 =D5=C2=D2=C1=CC=C9 =C5=C7=CF =C9=DA PATH, = =C1 =CB=CF=C7=C4=C1 =D4=CF=20 > =D6=C5 =D3=C1=CD=CF=C5 =C4=C5=CC=C1=C5=D4 ld, =CD=D9 =D0=D2=C1=D7=C9=CD L= D_LIBRARY_PATH? ld.so =CE=C5 =C9=C7=CE=CF=D2=C9=D2=D5=C5=D4 =DC=CC=C5=CD=C5=CE=D4=D9 PATH, = =CF=D0=D2=C5=C4=C5=CC=A3=CE=CE=D9=C5 =D0=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=C5= =CD, =C1 LD_LIBRARY_PATH =D0=CF =D5=CD=CF=CC=DE=C1=CE=C9=C0 =D7=CF=CF=C2=DD=C5 = =CF=D4=D3=D5=D4=D3=D4=D7=D5=C5=D4. > =E9 =CE=C5 =CE=C1=C4=CF =CC=C9 =D3=CF=DA=C4=C1=D4=D8 =D3=CB=D2=C9=D0=D4 = =D4=C9=D0=C1=20 > . /sbin/add_to_ld_library_path NEW_PATH =F7=CD=C5=D3=D4=CF =D0=C5=D2=C5=CD=C5=CE=CE=CF=CA LD_LIBRARY_PATH =CC=D5=DE= =DB=C5 =D3=CF=C2=C9=D2=C1=D4=D8 ELF=D9 =D3 RPATH. --=20 ldv --huq684BweRXVnRxX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAky6wX4ACgkQfKvmrJ41Nh7sHQCfbQozLIElLsPYWe+iNQgie8BN cH0AoMECGYSQDZaM13OGXnfT1EQnfqWl =Jr/A -----END PGP SIGNATURE----- --huq684BweRXVnRxX--