[28240] in bugtraq
Re: export LD_LIBRARY_PATH in /etc/profile.d/* files
daemon@ATHENA.MIT.EDU (mlh@zip.com.au)
Tue Dec 17 18:33:29 2002
Date: Wed, 18 Dec 2002 09:29:33 +1100
From: mlh@zip.com.au
To: rich@annexia.org
Message-ID: <20021218092933.B3721@zipperii.zip.com.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021217185059.GA8861@redhat.com>; from rich@annexia.org on Tue, Dec 17, 2002 at 06:51:00PM +0000
On Tue, Dec 17, 2002 at 06:51:00PM +0000, rich@annexia.org wrote:
> On a machine I administrate I recently discovered an entry in
> /etc/profile.d/oracle.sh:
>
> export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/home/oracle/OraHome1/lib
>
> I noticed today that this leaves the value of LD_LIBRARY_PATH as:
>
> :/home/oracle/OraHome1/lib
[ ... ]
> If the desired effect is really to have shared libraries loaded from
> whatever the current directory is, then the administrator should add
> the single dot . to LD_LIBRARY_PATH.
But isn't a . in LD_LIBRARY_PATH the same as an empty entry.
Or anyway, just as insecure?
What the original script should do is append to LD_LIBRARY_PATH
only if it is already defined. It's quite a common mistake I fear.
Scripts should do:
LD_LIBRARY_PATH=${LD_LIBRARY_PATH:+${LD_LIBRARY_PATH}:}$ORACLE_HOME/lib
Which is the same as
if [ -n "$LD_LIBRARY_PATH" ]
then
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:$ORACLE_HOME/lib
else
LD_LIBRARY_PATH=$ORACLE_HOME/lib
fi
Even Oracle's own oraenv script gets it wrong, but at least it
leaves the empty entry at the end.
Matt
