#13595: LD_LIBRARY_PATH potential security risk
----------------------------------+-----------------------------------------
Reporter: jdemeyer | Owner: leif
Type: defect | Status: new
Priority: blocker | Milestone: sage-5.4
Component: scripts | Resolution:
Keywords: | Work issues:
Report Upstream: N/A | Reviewers:
Authors: Jeroen Demeyer | Merged in:
Dependencies: | Stopgaps:
----------------------------------+-----------------------------------------
Description changed by jdemeyer:
Old description:
> In Sage, `LD_LIBRARY_PATH` ends with ":", which means the ''current
> working directory'' will be searched also. This must not happen because
> of obvious security dangers.
New description:
In Sage, `LD_LIBRARY_PATH` ends with ":", which means the ''current
working directory'' will be searched also. This must not happen because
of obvious security dangers.
'''Apply''' [attachment:13595_LD_LIBRARY_PATH.patch] to the `SAGE_ROOT`
repository.
--
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/13595#comment:1>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
