Bug#451559: Check for insecure LD_LIBRARY_PATH in wrapper scripts

To: 451559@bugs.debian.org
Subject: Bug#451559: Check for insecure LD_LIBRARY_PATH in wrapper scripts
From: Jakub Wilk <jwilk@debian.org>
Date: Mon, 22 Nov 2010 12:37:38 +0100
Message-id: <[🔎] 20101122113738.GA4386@jwilk.net>
Mail-followup-to: 451559@bugs.debian.org
Reply-to: Jakub Wilk <jwilk@debian.org>, 451559@bugs.debian.org
In-reply-to: <200712062253.51504.sf@sfritsch.de>
References: <200712062253.51504.sf@sfritsch.de>

Please extend this check to look for insecure use of PYTHONPATH; seedisussion at:

http://lists.debian.org/debian-python/2010/11/msg00045.html

* Stefan Fritsch <sf@sfritsch.de>, 2007-12-06, 22:53:

The above regexp by itself will give a false positive result for
constructs like:

if [ -n "$LD_LIBRARY_PATH" ]; then
       export LD_LIBRARY_PATH=$WINELIB:$LD_LIBRARY_PATH
else
       export LD_LIBRARY_PATH=$WINELIB
fi


Another class of false-positives with naïve regex approach is:

export LD_LIBRARY_PATH=/path/to/something:$LD_LIBRARY_PATH
cd /path/to/something/else

--
Jakub Wilk

Reply to:

Prev by Date: Bug#604183: sr@latin locale debconf pre-depends issue
Next by Date: Re: Untrusted search path vulnerabilities
Previous by thread: Bug#604183: sr@latin locale debconf pre-depends issue
Next by thread: Bug#604620: Please warn if LSB init header does not have a Description and Short-Description field
Index(es):
- Date
- Thread