You're replying to a comment by Thomas.

Thomas Permalink
October 26, 2009, 15:38

So since this has clearly been a known concern with ldd for ages, it's intriguing to me that a) I've never even heard of it and b) it looks simple to patch ldd to avoid this vector.

True, it's not a security exploit. It is, however, unexpected behaviour, at least to some of us, and as Peter points out can be a useful rung on a privilege-escalation ladder.

Anyone feel like submitting a patch upstream?

-- Thomas

Reply To This Comment

(why do I need your e-mail?)

(Your twitter handle, if you have one.)

Type the word "floppy_156": (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.