How to use $ORIGIN and suid application?

I am using python with setcap enabled CAP_NET_RAW. My python script imports a shared library that has $ORIGIN in its RPATH. Since my python is now a suid application, $ORIGIN is not evaluated and the library does not load correctly (this is due to a security leak detected in glibc). Is there a way to tell the linker that my library path is safe and load the library anyway?

A few more notes:

  • I need this feature only at the development stage. I am not looking for a manufacturing solution.
  • When working with root privileges everything works.
  • I do not want to work as root.

Thanks Dave

+7
2 answers

You can try one of them. Note that <path-to-mylib> is the absolute path after resolving the $ORIGIN rpath link.

  • Run ldconfig after telling where to find your library

     $ echo "<path-to-mylib>" > /etc/ld.so.conf.d/my-new-library.conf
     $ ldconfig -v
  • If running applications as root is not an option, export LD_LIBRARY_PATH with the correct directory for each process execution

     $ echo "export LD_LIBRARY_PATH=<path-to-mylib>" >> ~/.bashrc
     $ export LD_LIBRARY_PATH=<path-to-mylib>
     $ # then run your stuff...
+2

Have you tried sudo?

Instead of $ORIGIN, use fixed paths during development, because they will work in setuid programs. Do not change your main build process, just use patchelf to set rpath to what you need. You can make a shell script that does something like:

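    # Read the current RPATH/RUNPATH entry from the binary's dynamic section
    ln=`readelf -d myprogram | grep -E 'RPATH|RUNPATH'`
    # Keep only the value between the square brackets
    oldrpath=`echo "$ln" | sed 's/.*\[\(.*\)\].*/\1/'`
    # Replace $ORIGIN with the fixed development directory
    newrpath=`echo "$oldrpath" | sed 's/\$ORIGIN/\/devel\/myprog\/lib/g'`
    patchelf --set-rpath "$newrpath" myprogram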

Then your binary will no longer search for $ORIGIN/../lib, but /devel/myprog/lib/../lib

+1
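
An added example (not part of either answer) of the rpath rewrite described in the second answer: it reads the RPATH/RUNPATH value from `readelf -d` output, substitutes a fixed directory for `$ORIGIN`, and refuses any entry that is still relative afterwards. The function names and the sample `readelf` output are constructed for illustration; `/devel/myprog/lib` is the directory used in the answer.

```shell
#!/bin/sh
# Added example, not code from the answers. Function names are hypothetical.
# SAMPLE_DYN is constructed `readelf -d` output so the script runs offline.
SAMPLE_DYN=' 0x0000000000000001 (NEEDED)   Shared library: [libmylib.so]
 0x000000000000001d (RUNPATH)  Library runpath: [$ORIGIN/../lib:${ORIGIN}/plugins:/usr/local/lib]'

# Print the RPATH/RUNPATH value from `readelf -d` output read on stdin.
extract_rpath() {
    grep -E '\((RPATH|RUNPATH)\)' | sed 's/.*\[\(.*\)\].*/\1/' | head -n 1
}

# rewrite_origin <rpath> <fixed-dir>
# Replace $ORIGIN and ${ORIGIN} in each ':'-separated entry with <fixed-dir>.
# Returns 1 if an entry is still empty or relative afterwards, because the
# loader would resolve it against the current working directory.
rewrite_origin() {
    fixed=$2 out=
    old_ifs=$IFS; IFS=:; set -f
    set -- $1                  # split the search path on ':'
    IFS=$old_ifs; set +f
    for entry in "$@"; do
        entry=$(printf '%s\n' "$entry" |
            sed -e 's|\${ORIGIN}|'"$fixed"'|g' -e 's|\$ORIGIN|'"$fixed"'|g')
        case $entry in
            /*) out=${out:+$out:}$entry ;;
            *)  echo "refusing non-absolute entry: '$entry'" >&2; return 1 ;;
        esac
    done
    printf '%s\n' "$out"
}

# Demo on the constructed sample; for a real binary, feed `readelf -d myprogram`
# to extract_rpath and pass the result to `patchelf --set-rpath`.
old=$(printf '%s\n' "$SAMPLE_DYN" | extract_rpath)
rewrite_origin "$old" /devel/myprog/lib
```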