Bug 989514 - avoid setting insecure LD_LIBRARY_PATH
avoid setting insecure LD_LIBRARY_PATH
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: glusterfs (Show other bugs)
6.5
Unspecified Unspecified
urgent Severity urgent
: rc
: ---
Assigned To: Amar Tumballi
Cluster QE
:
Depends On:
Blocks: 989689 989858
  Show dependency treegraph
 
Reported: 2013-07-29 08:23 EDT by Bala.FA
Modified: 2015-11-22 21:57 EST (History)
5 users (show)

See Also:
Fixed In Version: glusterfs-3.4.0.22rhs-2
Doc Type: Bug Fix
Doc Text:
Cause: mount.glusterfs uses LD_LIBRARY_PATH which is insecure and rpmdiff test on errata fails Consequence: attaching build to errata fails in rpmdiff test Fix: remove LD_LIBRARY_PATH usage which is no longer needed in mount.glusterfs Result: now rpmdiff doesn't report failure when attaching builds
Story Points: ---
Clone Of:
: 989689 (view as bug list)
Environment:
Last Closed: 2013-11-21 06:59:00 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Bala.FA 2013-07-29 08:23:31 EDT
mount.glusterfs uses insecure LD_LIBRARY_PATH.  We would need to avoid using it as it fails in errata process.
Comment 1 Amar Tumballi 2013-08-23 14:24:58 EDT
removed all the reference to LD_LIBRARY_PATH from the code.
Comment 3 Amar Tumballi 2013-10-09 01:18:47 EDT
before the fix (tried on glusterfs-3.4.0.10rhs or earlier)

amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
54:    LD_LIBRARY_PATH=@libdir@:${LD_LIBRARY_PATH}
55:    export LD_LIBRARY_PATH

with latest (anything above glusterfs-3.4.0.22rhs)

amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs 
amar@ganaka:~/work/rhs-glusterfs$
Comment 4 Gowrishankar Rajaiyan 2013-10-09 02:13:30 EDT
Verified.

[root@dhcp201-162 ~]# grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
[root@dhcp201-162 ~]# 

[root@dhcp201-162 ~]# rpm -qf /sbin/mount.glusterfs 
glusterfs-fuse-3.4.0.34rhs-1.el6.x86_64
Comment 5 errata-xmlrpc 2013-11-21 06:59:00 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1641.html

Note You need to log in before you can comment on or make changes to this bug.