Subject: Re: static vs. dynamic runtime linking, and silly 'ld -L' breakage
To: NetBSD Userlevel Technical Discussion List <tech-userlevel@NetBSD.ORG>
From: Joerg Sonnenberger <joerg@britannica.bec.de>
List: tech-userlevel
Date: 01/29/2005 14:56:55

On Fri, Jan 28, 2005 at 07:28:44PM -0500, Greg A. Woods wrote:
> Defaulting the runtime search path to be a path made up of the '-L'
> directories (along with the system default paths) even when those might
> be relative directory references, is another valid approach, and one
> that was used for a very long time (decades?) on some systems, including
> early NetBSD (pre-ELF).  However some folks seem so terrified that
> they'll allow a developer to create a binary that won't run, that they
> absolutely detest this time-honoured and well proven technique.

It's not about a program that won't run, it's about SECURITY.
You link your program with
'cc -L/tmp/test suid-root-me.c -o /usr/bin/suid-root-me' and that
looks innocent until the system cleans /tmp and the next unpaid admin
logs into the system. It's easy to construct less extreme situations,
but it's just too easy for -L == -R systems to open a back-door.

Joerg
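
The risk described in this message can be audited on installed binaries. The following is an added example, not part of the original post: it scans the dynamic-section lines printed by GNU `readelf -d` and flags RPATH/RUNPATH entries that are relative or that sit under a directory writable by group or others. The function names and the sample output are constructed for illustration.

```python
import os
import re
import stat

# DT_RPATH / DT_RUNPATH lines as printed by GNU `readelf -d`.
_DYN_RE = re.compile(r"\((RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[(.*)\]")

# Constructed sample: what a -L == -R linker would record for the command
# in the message, plus a relative -L directory and a normal system path.
SAMPLE = """\
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000f (RPATH)              Library rpath: [/tmp/test:lib:/usr/lib]
"""

def _mode(path):
    """st_mode of path, or None if it does not exist."""
    try:
        return os.stat(path).st_mode
    except OSError:
        return None

def audit_entry(entry, mode_of=_mode):
    """Return why a search-path entry is unsafe, or None if it looks fine."""
    if not entry.startswith("/"):
        # Empty and relative entries resolve against the caller's cwd.
        return "relative"
    path = os.path.normpath(entry)
    while True:
        # A missing component is only a risk if something above it is
        # writable by others, so keep walking up to the root.
        mode = mode_of(path)
        if mode is not None and mode & (stat.S_IWGRP | stat.S_IWOTH):
            return "group/world-writable: " + path
        parent = os.path.dirname(path)
        if parent == path:
            return None
        path = parent

def audit_readelf(text, mode_of=_mode):
    """Return (tag, entry, reason) for each unsafe RPATH/RUNPATH entry."""
    findings = []
    for tag, value in _DYN_RE.findall(text):
        for entry in value.split(":"):
            reason = audit_entry(entry, mode_of)
            if reason:
                findings.append((tag, entry, reason))
    return findings
```

Pass the output of `readelf -d` for each setuid binary to `audit_readelf`; the optional `mode_of` argument exists so the check can be exercised against a fixed permission table instead of the live filesystem.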