svn commit: r267678 - head/libexec/rtld-elf
Mateusz Guzik
mjguzik at gmail.com
Sun Jun 22 01:41:08 UTC 2014
On Fri, Jun 20, 2014 at 05:08:32PM +0000, Jonathan Anderson wrote:
> Author: jonathan
> Date: Fri Jun 20 17:08:32 2014
> New Revision: 267678
> URL: http://svnweb.freebsd.org/changeset/base/267678
>
> Log:
> Add the LD_LIBRARY_PATH_FDS environmental variable.
>
> This variable allows the loading of shared libraries via directory descriptors
> rather than via library paths. If LD_LIBRARY_PATH_FDS=3:4:12, the directories
> represented by file descriptors 3, 4 and 12 will searched for shared libraries
> before the normal path-based mechanisms are used. This allows us to execute
> unprivileged binaries from within a Capsicum sandbox even if they require
> shared libraries.
>
This is not a request, but a mere suggestion.
Now there are 2 places where rtld opens requested libraries which is
somewhat unfortunate.
If find_library was changed to return directory fd to lookup the library
in and the path, open could be done in load_object with openat.
Old functions would return AT_FDCWD.
As a side note load_object would really use an assert that only one of
fd_u and name is set.
Cheers,
--
Mateusz Guzik <mjguzik gmail.com>
More information about the svn-src-all
mailing list