Subject: Re: non-root user executes root shell?
To: Lubomir Sedlacik <>
From: Ben Collver <>
List: netbsd-users
Date: 10/03/2004 05:35:05
On Sun, Oct 03, 2004 at 05:19:51AM -0700, Ben Collver wrote:
> 2) /usr/bin/id is dynamic linked to libc, so one could use
> LD_PRELOAD and a libc wrapper to execute arbitrary code.  I am not
> certain about this one.

I should have read the manual before writing this one.  From

The environment variables LD_LIBRARY_PATH and LD_PRELOAD are not honored
when executing in a set-user-ID or set-group-ID environment.  This action
is taken to prevent malicious substitution of shared object dependencies
or interposition of symbols.