shared libraries - Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

Question

Welcome To Ask or Share your Answers For Others

shared libraries - Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

posted Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

shared libraries - Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

I use LD_LIBRARY_PATH to set the path of a certain user library for an application. But if I set capabilities on this application

sudo setcap CAP_NET_BIND_SERVICE=eip myapplication

then LD_LIBRARY_PATH seems to be ignored. When I launch the program, Linux complains that it cannot find a certain shared library.

I guess that there's some kind of protection kicking in, to prevent applications with extended rights from being hijacked. Is there a workaround?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-17T01:04:06+0000

As already stated in other answers, this behavior is intended. There is some kind of workaround if you can compile (or at least link) the application yourself. Then you can pass -Wl,-rpath <yourDynamicLibraryPath> to gcc or -rpath <yourDynamicLibraryPath> to ld and you won't have to specify LD_LIBRARY_PATH at all on execution.

Categories

shared libraries - Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

shared libraries - Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags