Extend the ldconfig security check so that it ignores group-writable
directories in addition to world-writable directories.  As before,
this check can be disabled with the "-i" option, which in turn can
be made the default for boot-up by setting "ldconfig_insecure=YES"
in "/etc/rc.conf".

Also fix an mdoc nit in the manual page.

Submitted by:	Maxime Henrion <mux@qualys.com>
John Polstra 2000-12-17 18:50:56 +00:00
parent 6aec809c4d
commit 4c6616fc3e
2 changed files with 8 additions and 2 deletions


@ -74,6 +74,10 @@ add_dir(const char *hintsfile, const char *name, int trusted)
warnx("%s: ignoring world-writable directory", name);
return;
}
if ((stbuf.st_mode & S_IWGRP) != 0) {
warnx("%s: ignoring group-writable directory", name);
return;
}
}
for (i = 0; i < ndirs; i++)
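Review bot: the new S_IWGRP test in add_dir() rejects every group-writable directory regardless of which group owns it, and the only signal is a single warnx() before the return, so a directory that was accepted before this change drops out of the hints on the next run with nothing but a warning line. Consider flagging the behaviour change for upgraders, with a pointer to -i and ldconfig_insecure. The block also repeats the shape of the world-writable check directly above it (warnx, then return); folding the two mode tests into one place would keep them from drifting apart.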


@ -61,9 +61,11 @@ line. Blank lines and lines starting with the comment character
.Ql \&#
are ignored.
.Pp
For security reasons, directories which are world-writable or which
For security reasons, directories which are world or group-writable or which
are not owned by root produce warning messages and are skipped, unless
the -i option is present.
the
.Fl i
option is present.
.Pp
The shared libraries which are found will be automatically available for loading
if needed by the program being prepared for execution.
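Review bot: in the reworded "For security reasons" sentence, "world or group-writable" hyphenates only the second term; "world-writable or group-writable" reads unambiguously and matches the wording of the warnx() messages in add_dir(). Since this paragraph now documents the override with .Fl i, it would also be worth mentioning the ldconfig_insecure setting in /etc/rc.conf here, which the commit message names as the way to make -i the default at boot.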