[Bug 1152593] Re: ldconfig follows symbolic links, causing unintended links in /lib

Duane Rezac duane.rezac.ctr at dla.mil
Fri Sep 6 16:31:14 UTC 2013 

While I  agree that McAfee's coding practice is very bad, the ldconfig
man page states that it should not follow symbolic links - the question
then, is  should ldconfig follow symbolic links in /lib ? if it should,
the man page needs to be changed.  If not, then it's still a bug even
though it shows up due to McAfee's poor coding.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1152593

Title:
  ldconfig follows symbolic links, causing unintended links in /lib

Status in “eglibc” package in Ubuntu:
  Won't Fix

Bug description:
  ldconfig is following symbolic links and creating unintended and
  potential harmful links in /lib

  In my case, this was first shown when we installed McAfee EpoAgent and
  LinuxShield.  The system crashed, and failed on boot as init was
  unable to load shared libraries.  Booting with a live cd showed that
  /lib/ld-linux-so.2 had been linkded to a McAfee Library.

  while I have seen the behavior of ld-linux.so.2 getting linked to the
  McAfee libraries in bug reports, the root cause was not found and the
  bugs closed, apparently with the assumption that it was some type of
  McAfee problem.  While I would question the validity of any
  application using it's own version of critical system files, that does
  not pertain to the problem of ldconfig following symbolic links.

  ldconfig is  following a symbolic links that points to a symbolic
  link. man page of  ldconfig indicates that ldconfig should ignore
  symbolic links. We are running the McAfee Epo Agent (ver 4.6)  and
  LinuxShield (ver 1.7.1) . These products create symbolic links ld-
  mfert.so.2 and ld-nails.so.2  in /lib  (we are also running the McAfee
  product on Redhat 5-enterprise, and this problem does not occur.)

  In /lib, ld-nails.so.2 and ld-mfert.so.2 are both symbolic links that
  point to a ld-linux.so.2 in one  McAfees library directories. the ld-
  linux.so.2 in the mcafee libraries  are symbolic links to a 2nd Mcafee
  library. For Example.  /lib/ld-mfert.so.2  points to
  /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 which is a symbolic link to
  /opt/McAfee/runtime/2.0/lib/ld-2.5.so.  this file contains the SONAME
  ld-linux.so.2

  Output of ldconfig -N -X -v shows that ldconfig is linking ld-
  linux.so.2 to /lib/ld-nails.so.2 or /llib/d-mfert.so.2. (appended to
  the end of this writeup, also a ls -l output of /lib showing the ld-
  nails.so.2 and ld-mfert.so.2 links)

  ldconfig is following the symbolic link in /lib, and since the McAfee files contain the SONAME ld-linux.so.2, it links them to /lib
  It appears that ldconfig is resolving the links, as the ld-linux.so.2 that it links in /lib fromo the MacAfee file (in this case ld-mfert.so.2) will point to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

  ldconfig -N -X -v of /lib:  (shows ld-linux.so.2 will be linked to ld-
  mfert.so.2)

  /lib:
  	libnss_mdns6.so.2 -> libnss_mdns6.so.2
  	libnss_mdns4_minimal.so.2 -> libnss_mdns4_minimal.so.2
  	libnss_mdns4.so.2 -> libnss_mdns4.so.2
  	libnl-3.so.200 -> libnl-3.so.200.3.0
  	libipq_pic.so.0 -> libipq_pic.so.0.0.0
  	libnss_mdns6_minimal.so.2 -> libnss_mdns6_minimal.so.2
  	libnss_mdns.so.2 -> libnss_mdns.so.2
  	libply-splash-graphics.so.2 -> libply-splash-graphics.so.2.0.0
  	libulockmgr.so.1 -> libulockmgr.so.1.0.1
  	libxtables.so.7 -> libxtables.so.7.0.0
  	libdevmapper-event.so.1.02.1 -> libdevmapper-event.so.1.02.1
  	libfuse.so.2 -> libfuse.so.2.8.6
  	libx86.so.1 -> libx86.so.1
  	libproc-3.2.8.so -> libproc-3.2.8.so
  	liblvm2app.so.2.2 -> liblvm2app.so.2.2
  	libply-splash-core.so.2 -> libply-splash-core.so.2.0.0
  	libiw.so.30 -> libiw.so.30
  	libdevmapper.so.1.02.1 -> libdevmapper.so.1.02.1
  	libip4tc.so.0 -> libip4tc.so.0.0.0
  	libply.so.2 -> libply.so.2.0.0
  	libnewt.so.0.52 -> libnewt.so.0.52.11
  	libnl-genl-3.so.200 -> libnl-genl-3.so.200.3.0
  	libnss_mdns_minimal.so.2 -> libnss_mdns_minimal.so.2
  	libipq.so.0 -> libipq.so.0.0.0
  	libiptc.so.0 -> libiptc.so.0.0.0
  	libsysfs.so.2 -> libsysfs.so.2.0.1
  	ld-linux.so.2 -> ld-mfert.so.2
  	libcryptsetup.so.4 -> libcryptsetup.so.4.0.0
  	libbrlapi.so.0.5 -> libbrlapi.so.0.5.6
  	libip6tc.so.0 -> libip6tc.so.0.0.0
  	libply-boot-client.so.2 -> libply-boot-client.so.2.0.0

  Output of ls-l  ld* of /lib (shows ld-mfert.so.2 and ld-nails.so.2 are
  symbolic links )

  
  lrwxrwxrwx  1 root root     25 Mar  6 07:55 ld-linux.so.2 -> i386-linux-gnu/ld-2.15.so*
  lrwxrwxrwx  1 root root     41 Mar  6 12:32 ld-mfert.so.2 -> /opt/McAfee/runtime/2.0/lib/ld-linux.so.2*
  lrwxrwxrwx  1 root root     38 Mar  7 07:19 ld-nails.so.2 -> /opt/NAI/LinuxShield/lib/ld-linux.so.2*

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1152593/+subscriptions

More information about the foundations-bugs mailing list