ldd functionality from suid binary

Carlos O'Donell carlos_odonell@mentor.com
Tue Jul 17 13:21:00 GMT 2012


On 7/17/2012 9:06 AM, Renáta Hodován wrote:
> Any idea? :)
> Once again, the question is: is there any way to call ldd from an suid binary?
> 
> Cheers,
> Reni
> 
> On 2012-07-12 20:56, Renáta Hodován wrote:
>> Hi there,
>>
>> I have a problem that I hope you can help with. I need a C++ function that is able to work out an ldd-like functionality (this should be a part of a bigger project). I already have a solution and you can find its simplified version under the following link:
>> http://pastebin.com/3SwYj5vR
>>
>> Unfortunately the binary that will contain this code has the suid flag. And in this case my example exits with a status 5 error message (without suid the code works fine).
>> I investigated the code of ldd and found the following in rtld.c : process_dl_audit function:
>>
>>       if (mode != normal)
>>         _exit (5);
>>
>> So it seems to me that ldd doesn't work for suid binaries. But I hope that I'm wrong.
>> This is why I'd like to ask for your help to find a solution/workaround!

You need to exec a non-suid binary to do the work for you and return the results.
It will provide better security to do risky things (like auditing) in a separate process.

If you feel that a suid binary should be able to run with dangerous environment variables
set then please file a bugzilla issue with your use case.

Cheers,
Carlos.
-- 
Carlos O'Donell
Mentor Graphics / CodeSourcery
carlos_odonell@mentor.com
carlos@codesourcery.com
+1 (613) 963 1026
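
The approach suggested in the reply above, as an added example (not code from this thread or from glibc): the privileged process forks, the child permanently drops to the real uid/gid, execs a non-suid helper with a fixed environment, and the parent reads the result from a pipe. The name `run_unprivileged`, the helper path `/usr/bin/ldd`, the exit codes 126/127 and the assumption that the standard descriptors are open are choices made for this example.

```cpp
#include <cerrno>
#include <cstdio>
#include <string>
#include <sys/wait.h>
#include <unistd.h>

// Run argv[0] in a child that has permanently dropped to the real uid/gid and
// sees only envp; stdout goes to `out`. Returns its exit status, -1 on error.
int run_unprivileged(const char *const argv[], const char *const envp[],
                     std::string &out) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {
        uid_t uid = getuid();
        gid_t gid = getgid();
        // Group first, then user; real, effective and saved IDs are replaced.
        if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
            _exit(126);  // never exec the helper if the drop failed
        if (dup2(fds[1], STDOUT_FILENO) < 0) _exit(126);
        close(fds[0]); close(fds[1]);
        execve(argv[0], const_cast<char *const *>(argv),
               const_cast<char *const *>(envp));
        _exit(127);  // exec failed
    }
    close(fds[1]);
    char buf[4096];
    ssize_t n;
    while ((n = read(fds[0], buf, sizeof buf)) != 0) {
        if (n < 0 && errno != EINTR) break;
        if (n > 0) out.append(buf, static_cast<size_t>(n));
    }
    close(fds[0]);
    int status = 0;
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv) {
    if (argc != 2) return 2;
    // Assumed helper path and a fixed environment; nothing is inherited.
    const char *const cmd[] = {"/usr/bin/ldd", argv[1], nullptr};
    const char *const env[] = {"PATH=/usr/bin:/bin", nullptr};
    std::string deps;
    int rc = run_unprivileged(cmd, env, deps);
    std::fputs(deps.c_str(), stdout);
    return rc;
}
```

The drop before `execve` matters: if the effective IDs still differ from the real IDs at exec time, the dynamic loader treats the new process as privileged even though the helper file itself has no suid bit.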



More information about the Libc-help mailing list