Linux SUID config cause binary file fail to execute

Question

I have one binary file (name is bmu) which needs root privilege while invoking statfs function.

The OS is SuSE Linux 2.6.16.60-0.21-smp
The user is test which is to run bmu and is a non-root user

test@SuSE:~> id
uid=1056(test) gid=0(root) groups=0(root),16(dialout),33(video)

I have tested 3 kinds of scenarios.

--->scenario 1
If bmu is not configured SUID, bmu can be executed but invoking will fail.

-rwxr-xr-x 1 test root 14389879 2012-04-10 10:38 bmu

--->scenario 2
If bmu is configured SUID, when bmu run by test, it will fail with the prompt "DBMS API Library 'libclntsh.so' loading fails"

-rwsr-sr-x 1 root root 14389879 2012-04-10 10:38 bmu

--->scenario 3
If bmu run by root, it will be executed successfully. of course, no matter SUID is configured or not.

-rwxr-xr-x 1 root root 14389879 2012-04-10 10:38 bmu

-rwsr-sr-x 1 root root 14389879 2012-04-10 10:38 bmu

From scenario 2, it looks like the issue of LD_LIBRARY_PATH config, but from scenario 1, we can find that this should not the issue of LD_LIBRARY_PATH config. From scenario 3, we can find that bmu is executable by root.

Only scenario 2 has the problem, so somebody can give some suggestions? thanks!

Answer 1

When a program is run as setuid, the LD_LIBRARY_PATH variable in your environment is ignored because it is a potential security vulnerability.

You should link your binary using an $ORIGIN relative rpath to the dependent library, or an absolute rpath reference to the library. See the ld man page for details on the $ORIGIN rpath.