netbsd-bugs: lib/12759: a.out compat ld.so break with setuid binaries

Subject: lib/12759: a.out compat ld.so break with setuid binaries
To: None <gnats-bugs@gnats.netbsd.org>
From: None <abs@mono.org>
List: netbsd-bugs
Date: 04/26/2001 16:18:23

>Number:         12759
>Category:       lib
>Synopsis:       a.out compat ld.so break with setuid binaries
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Apr 26 08:19:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     abs
>Release:        NetBSD 1.5.1_ALPHA
>Organization:
Monochrome
>Environment:
	
System: NetBSD neutron.mono.org 1.5.1_ALPHA NetBSD 1.5.1_ALPHA (k) #0: Fri Apr 6 11:20:01 BST 2001 abs@neutron.mono.org:/var/tmp/k sparc


>Description:
	If a dynamically linked 1.4 sparc binary is run on a 1.5 system
	/usr/libexec/ld.so automatically checks in /emul/a.out/usr/lib for
	shared libraries. This does not seem to happen if the binary is setuid.

>How-To-Repeat:
	Install compat_14 package on 1.5 sparc system. (I would expect this
	to happen on i386 also). Take 1.4 dynamically linked binary.
	If its setuid it will fail with
	/usr/libexec/ld.so: suid.sparc: libc.so.12.40: No such file or directory
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: