[Bug 1152593] Re: ldconfig follows symbolic links, causing unintended links in /lib

Adam Conrad adconrad at 0c3.net
Tue Jul 30 01:58:04 UTC 2013 

No matter how many times this is reported, this is *not* a bug in Ubuntu
or ldconfig, it's a bug in McAffee's libraries for claiming to provide
an SONAME that they clearly shouldn't.  Please, please, PLEASE put
pressure on them to fix their software.  I'm not going to work around
their bugs.

** Changed in: eglibc (Ubuntu)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1152593

Title:
  ldconfig follows symbolic links, causing unintended links in /lib

Status in “eglibc” package in Ubuntu:
  Won't Fix

Bug description:
  ldconfig is following symbolic links and creating unintended and
  potential harmful links in /lib

  In my case, this was first shown when we installed McAfee EpoAgent and
  LinuxShield.  The system crashed, and failed on boot as init was
  unable to load shared libraries.  Booting with a live cd showed that
  /lib/ld-linux-so.2 had been linkded to a McAfee Library.

  while I have seen the behavior of ld-linux.so.2 getting linked to the
  McAfee libraries in bug reports, the root cause was not found and the
  bugs closed, apparently with the assumption that it was some type of
  McAfee problem.  While I would question the validity of any
  application using it's own version of critical system files, that does
  not pertain to the problem of ldconfig following symbolic links.

  ldconfig is  following a symbolic links that points to a symbolic
  link. man page of  ldconfig indicates that ldconfig should ignore
  symbolic links. We are running the McAfee Epo Agent (ver 4.6)  and
  LinuxShield (ver 1.7.1) . These products create symbolic links ld-
  mfert.so.2 and ld-nails.so.2  in /lib  (we are also running the McAfee
  product on Redhat 5-enterprise, and this problem does not occur.)

  In /lib, ld-nails.so.2 and ld-mfert.so.2 are both symbolic links that
  point to a ld-linux.so.2 in one  McAfees library directories. the ld-
  linux.so.2 in the mcafee libraries  are symbolic links to a 2nd Mcafee
  library. For Example.  /lib/ld-mfert.so.2  points to
  /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 which is a symbolic link to
  /opt/McAfee/runtime/2.0/lib/ld-2.5.so.  this file contains the SONAME
  ld-linux.so.2

  Output of ldconfig -N -X -v shows that ldconfig is linking ld-
  linux.so.2 to /lib/ld-nails.so.2 or /llib/d-mfert.so.2. (appended to
  the end of this writeup, also a ls -l output of /lib showing the ld-
  nails.so.2 and ld-mfert.so.2 links)

  ldconfig is following the symbolic link in /lib, and since the McAfee files contain the SONAME ld-linux.so.2, it links them to /lib
  It appears that ldconfig is resolving the links, as the ld-linux.so.2 that it links in /lib fromo the MacAfee file (in this case ld-mfert.so.2) will point to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

  ldconfig -N -X -v of /lib:  (shows ld-linux.so.2 will be linked to ld-
  mfert.so.2)

  /lib:
  	libnss_mdns6.so.2 -> libnss_mdns6.so.2
  	libnss_mdns4_minimal.so.2 -> libnss_mdns4_minimal.so.2
  	libnss_mdns4.so.2 -> libnss_mdns4.so.2
  	libnl-3.so.200 -> libnl-3.so.200.3.0
  	libipq_pic.so.0 -> libipq_pic.so.0.0.0
  	libnss_mdns6_minimal.so.2 -> libnss_mdns6_minimal.so.2
  	libnss_mdns.so.2 -> libnss_mdns.so.2
  	libply-splash-graphics.so.2 -> libply-splash-graphics.so.2.0.0
  	libulockmgr.so.1 -> libulockmgr.so.1.0.1
  	libxtables.so.7 -> libxtables.so.7.0.0
  	libdevmapper-event.so.1.02.1 -> libdevmapper-event.so.1.02.1
  	libfuse.so.2 -> libfuse.so.2.8.6
  	libx86.so.1 -> libx86.so.1
  	libproc-3.2.8.so -> libproc-3.2.8.so
  	liblvm2app.so.2.2 -> liblvm2app.so.2.2
  	libply-splash-core.so.2 -> libply-splash-core.so.2.0.0
  	libiw.so.30 -> libiw.so.30
  	libdevmapper.so.1.02.1 -> libdevmapper.so.1.02.1
  	libip4tc.so.0 -> libip4tc.so.0.0.0
  	libply.so.2 -> libply.so.2.0.0
  	libnewt.so.0.52 -> libnewt.so.0.52.11
  	libnl-genl-3.so.200 -> libnl-genl-3.so.200.3.0
  	libnss_mdns_minimal.so.2 -> libnss_mdns_minimal.so.2
  	libipq.so.0 -> libipq.so.0.0.0
  	libiptc.so.0 -> libiptc.so.0.0.0
  	libsysfs.so.2 -> libsysfs.so.2.0.1
  	ld-linux.so.2 -> ld-mfert.so.2
  	libcryptsetup.so.4 -> libcryptsetup.so.4.0.0
  	libbrlapi.so.0.5 -> libbrlapi.so.0.5.6
  	libip6tc.so.0 -> libip6tc.so.0.0.0
  	libply-boot-client.so.2 -> libply-boot-client.so.2.0.0

  Output of ls-l  ld* of /lib (shows ld-mfert.so.2 and ld-nails.so.2 are
  symbolic links )

  
  lrwxrwxrwx  1 root root     25 Mar  6 07:55 ld-linux.so.2 -> i386-linux-gnu/ld-2.15.so*
  lrwxrwxrwx  1 root root     41 Mar  6 12:32 ld-mfert.so.2 -> /opt/McAfee/runtime/2.0/lib/ld-linux.so.2*
  lrwxrwxrwx  1 root root     38 Mar  7 07:19 ld-nails.so.2 -> /opt/NAI/LinuxShield/lib/ld-linux.so.2*

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1152593/+subscriptions

More information about the foundations-bugs mailing list