LDFLAGS of the Makefile
H.G.Borrmann
borrmann at ibm1.ruf.uni-freiburg.de
Tue Apr 11 23:43:29 EST 2000
I have compiled and installed OpenSSH 1.2.3 under AIX 4.3.3.
The call to configure was:
CFLAGS="-I/client/include -L/usr/ruf/lib" \
./configure --with-egd-pool=/dev/urandom \
--with-afs=/usr/afsws \
--with-kerberos4=/client \
--with-tcp-wrappers \
--with-pid-dir=/etc \
--sysconfdir=/etc \
--with-ipv4-default \
--prefix=/sw/rs_aix433/openssh-1.2.3
The resultant makefile has the line:
LDFLAGS=-L. -L/usr/local/lib -L/client/lib
As a consequence a dot (the current directory) appears in the PATH of the Loader Section of ssh at the
first place! That mean that a local user my replace the shared libraries libc.a, libnsl.a and libz.a by his own
versions and manipulate the system as root, because ssh is installed suid root.
H.G.Borrmann
._________________________________________________________________________.
|H.G.Borrmann |Tel.: (0761) 203-4652 |
|Rechenzentrum der Universitaet Freiburg|Fax: (0761) 203-4643 |
|Hermann-Herder-Str. 10 |email: |
|D79104 FREIBURG |borrmann at ruf.uni-freiburg.de |
|_________________________________________________________________________|
More information about the openssh-unix-dev
mailing list