by I have a program written mainly in C but with a fortran main
module. The program uses set-user-ID. I have /user/lang/SC0.0
in the environment variable LD_LIBRARY_PATH ( which is where
the libF77.so.* files exist. )
On a local SPARC runninig SunOS 4.1.2 I link the program without
specifying the fortran library locations explicitly with the -L
flag. I set the sticky bit and give world read and execute
privileges. Now the owner and anyone else can execute it.
Now I distribute the executable to a remote Solbourne running
OS/MP 4.1A (?). I set the privileges as before and now the owner
can run it but gets the warning:
ld.so: warning: /usr/lang/SC0.0/libF77.so.1.1 has older revision
than expected 4
ld.so: warning: /usr/lib/libc.so.1.6 has older revision than
expected 7
Anybody else ( with LD_LIBRARY_PATH set the same as for the owner )
gets:
ld.so: libF77.so.1: not found
Now I see from the man pages for ld.so that as a security precaution
ld.so will not search LD_LIBRARY_PATH for a set-user-ID program.
I am now puzzled as to why it works on the original system.
I tried running the strings utility on the image and I don't see
any references to /usr/lang/SC0.0. I don't see any links in the
"trusted" directories to to the libF77.so.1.1 file and the
/usr/lang/SC0.0 directory was not specified as a -L option on the
original link.
Can somebody please explain what is happening.
Thanks.
--
===============================Nick Rees===============================
mail: Texaco, Inc., 3901 Briarpark, Houston, TX 77042
========================================================================