[openib-general] Re: [PATCH] rdma_lat-09 and results
Roland Dreier
roland at topspin.com
Thu Jun 23 10:21:23 PDT 2005
Michael> At least for this usage, I think it would be best to
Michael> rename mthca.a (and mthca.so) to libmthca.a (and
Michael> libmthca.so), respectively, and put them in libpath, then
Michael> softlink libmthca.so to infiniband directory.
Michael> This avoids the need for such utilities. Would you
Michael> accept such a change?
That makes sense, although I don't see why we want libmthca.so in the
regular library directory. It seems like the best would be to have
libmthca.a in $(libdir) and mthca.so in $(libdir)/infiniband. That
way we make it easy to do static linking and avoid having two names
for the same object.
Michael> Hmm, this would be a security problem if someone sets
Michael> suid bit on programs using uverbs.
True, good point. To me being able to set the search path is much
more useful than being able to have secure suid verbs programs, so I
don't want to get rid of the OPENIB_DRIVER_PATH. Does something like
the following seem good enough?
--- libibverbs/src/init.c (revision 2656)
+++ libibverbs/src/init.c (working copy)
@@ -41,6 +41,8 @@
#include <glob.h>
#include <stdio.h>
#include <dlfcn.h>
+#include <unistd.h>
+#include <sys/types.h>
#include "ibverbs.h"
@@ -207,11 +209,17 @@ static void INIT ibverbs_init(void)
*/
load_driver(NULL);
- user_path = getenv(OPENIB_DRIVER_PATH_ENV);
- if (user_path) {
- wr_path = strdupa(user_path);
- while ((dir = strsep(&wr_path, ";:")))
- find_drivers(dir);
+ /*
+ * Only follow the path passed in through the calling user's
+ * environment if we're not running SUID.
+ */
+ if (getuid() == geteuid()) {
+ user_path = getenv(OPENIB_DRIVER_PATH_ENV);
+ if (user_path) {
+ wr_path = strdupa(user_path);
+ while ((dir = strsep(&wr_path, ";:")))
+ find_drivers(dir);
+ }
}
find_drivers(default_path);
More information about the general
mailing list