> > If the desired effect is really to have shared libraries loaded from
> > whatever the current directory is, then the administrator should add
> > the single dot . to LD_LIBRARY_PATH.
>
> But isn't a . in LD_LIBRARY_PATH the same as an empty entry.
> Or anyway, just as insecure?
They mean the same but one is less likely to apear in the variable by
accident as happens in this case.
> What the original script should do is append to LD_LIBRARY_PATH
> only if it is already defined. It's quite a common mistake I fear.
Agree, but with the system-wide ignoring of blank LD_LIBRARY_PATH entries
you have some fault-tolerance against wrongheaded packages.
--
##############################################################
# Antonomasia ant notatla.demon.co.uk #
# See http://www.notatla.demon.co.uk/ #
##############################################################
> > If the desired effect is really to have shared libraries loaded from
> > whatever the current directory is, then the administrator should add
> > the single dot . to LD_LIBRARY_PATH.
>
> But isn't a . in LD_LIBRARY_PATH the same as an empty entry.
> Or anyway, just as insecure?
They mean the same but one is less likely to apear in the variable by
accident as happens in this case.
> What the original script should do is append to LD_LIBRARY_PATH
> only if it is already defined. It's quite a common mistake I fear.
Agree, but with the system-wide ignoring of blank LD_LIBRARY_PATH entries
you have some fault-tolerance against wrongheaded packages.
--
##############################################################
# Antonomasia ant notatla.demon.co.uk #
# See http://www.notatla.demon.co.uk/ #
##############################################################
[ reply ]