[Python-Dev] Pondering some changes to python.c...
07 Apr 2002 10:07:03 -0400
Sean> It would seem that if you were to unset LD_LIBRARY_PATH and
Sean> PYTHONPATH (I'm probably missing something), and then pick up
Sean> the priveleges specified in argv, that you could safely do
Sean> SUID Python. Some folks I've mentioned it to seem to think it's
Sean> just a bad idea to have an SUID python, but I think it's better
Sean> to solve the problems once than have people re-inventing the
Sean> wheel badly...
You might want to be careful about LD_LIBRARY_PATH -- if the executable
is built for dynamic linking, and it needs a library that's not in
/usr/lib, mightn't changing LD_LIBRARY_PATH cause it to fail?
Andrew Koenig, email@example.com, http://www.research.att.com/info/ark