Subject: Re: setgid dt eats LD_LIBRARY_PATH
To: Johnny Chi-Lung Lam <jlbg+@andrew.cmu.edu>
From: Colin Wood <cwood@ichips.intel.com>
List: port-mac68k
Date: 11/04/1997 23:44:32
Johnny Chi-Lung Lam wrote:
> 
> The default installation of dt is setgid utmp.  If I export the
> variable LD_LIBRARY_PATH before starting dt, the shells spawned by dt
> don't have LD_LIBRARY_PATH in their environment.  If I remove the
> setgid bit on dt, then the subshells DO see LD_LIBRARY_PATH.  One last
> thing --- this only happens to LD_LIBRARY_PATH, not to any other
> environment variable that I set.
> 
> What's going on??

From the Security section of the ldconfig(8) man page:

Special care must be taken when loading shared libraries into the address
space of set-user-Id programs. Whenever such a program is run, ld.so will
only load shared libraries from the ld.so.hints file. In particular, the
LD_LIBRARY_PATH is not used to search for libraries. Thus, the role of
ldconfig is dual. In addition to building a set of hints for quick
lookup, it also serves to specify the trusted collection of directories
from which shared objects can be safely loaded. It is presumed that the
set of directories specified to ldconfig are under control of the
system's administrator.  ld.so further assists set-user-Id programs by
erasing the LD_LIBRARY_PATH from the environment.


I hope that explains it.

Later.

-- 
Colin Wood                                 cwood@ichips.intel.com
Component Design Engineer - MD6                 Intel Corporation
-----------------------------------------------------------------
I speak only on my own behalf, not for my employer.
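
The loader behaviour quoted from ldconfig(8), modelled as an added example that is not part of the original message and is not ld.so's source. It assumes "privileged" means the effective user or group ID differs from the real one (which matches the setgid case reported in this thread); the function names, IDs and environment entries are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Credentials as the loader sees them at startup (values below are constructed). */
struct creds { uid_t ruid, euid; gid_t rgid, egid; };

/* Assumption: elevated means the effective ID differs from the real one, user or group. */
static int is_privileged(const struct creds *c) {
    return c->ruid != c->euid || c->rgid != c->egid;
}

/* Look up NAME in a NULL-terminated envp; return its value or NULL. */
static const char *env_get(char **envp, const char *name) {
    size_t n = strlen(name);
    for (; *envp; envp++)
        if (strncmp(*envp, name, n) == 0 && (*envp)[n] == '=')
            return *envp + n + 1;
    return NULL;
}

/* Erase every NAME=... entry in place, so child processes inherit the scrubbed array. */
static void env_erase(char **envp, const char *name) {
    size_t n = strlen(name);
    char **dst = envp;
    for (char **src = envp; *src; src++) {
        if (strncmp(*src, name, n) == 0 && (*src)[n] == '=') continue;
        *dst++ = *src;
    }
    *dst = NULL;
}

/* Extra search path the loader will honour; NULL means trusted hints directories only. */
static const char *loader_search_path(const struct creds *c, char **envp) {
    if (!is_privileged(c))
        return env_get(envp, "LD_LIBRARY_PATH");
    env_erase(envp, "LD_LIBRARY_PATH");
    return NULL;
}

int main(void) {
    char *env[] = {"HOME=/home/u", "LD_LIBRARY_PATH=/tmp/lib", "TERM=vt100", NULL};
    struct creds setgid_dt = {1000, 1000, 100, 45};  /* constructed: egid != rgid */
    const char *p = loader_search_path(&setgid_dt, env);
    printf("search path: %s\n", p ? p : "(hints file only)");
    for (char **e = env; *e; e++) puts(*e);  /* LD_LIBRARY_PATH is gone, the rest remain */
    return 0;
}
```

Because the variable is removed from the process's own environment rather than just ignored, every shell the program later spawns inherits the scrubbed copy, while all other variables pass through untouched.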