Task $7$: The LD

PRELOAD Environment Variable and Set$-$UID Programs

In this task, we study how Set$-$UID programs deal with some of the environment variables. Several en

vironment variables, including LD

PRELOAD, LD

LIBRARY

PATH, and other LD

$*$influence the behavior

of dynamic loader$/$linker$.$ A dynamic loader$/$linker is the part of an operating system $($OS$)$ that loads $($from

persistent storage to RAM$)$ and links the shared libraries needed by an executable at run time.

In Linux, ld$.$so or ld$-$linux.so$,$ are the dynamic loader$/$linker $($each for different types of binary$).$

Among the environment variables that affect their behaviors, LD

LIBRARY

PATH and LD

PRELOAD are

the two that we are concerned in this lab. In Linux, LD

LIBRARY

PATH is a colon$-$separated set of di

rectories where libraries should be searched for first, before the standard set of directories. LD

PRELOAD.

PRELOAD

specifies a list of additional, user$-$specified, shared libraries to be loaded before all others. In this task, we

will only study LD

Step $1.$ First, we will see how these environment variables influence the behavior of dynamic loader$/$linker

when running a normal program. Please follow these steps:

$1.$ Let us build a dynamic link library. Create the following program, and name it mylib.c$.$ It basically

overrides the sleep$()$ function in libc:

#include

void sleep $($int s$)$

$\{$

$/*$ If this is invoked by a privileged program,

you can do damages here! $*/$

printf$("$I am not sleeping!

$")$;

$\}$

$2.$ Wecan compile the above program using the following commands $($in the$-$lc argument, the second

character is $)$:

$ gcc$-$fPIC$-$g$-$c mylib.c

$ gcc$-$shared$-$o libmylib.so$\mathrm{.}1\mathrm{.}0\mathrm{.}1$ mylib.o$-$lc

$3.$ Now, set the LD

PRELOAD environment variable:

$ export LD$\_$PRELOAD$=./$libmylib$.$so$\mathrm{.}1\mathrm{.}0\mathrm{.}1$

$4.$ Finally, compile the following program myprog, and in the same directory as the above dynamic link

library libmylib.so$\mathrm{.}1\mathrm{.}0\mathrm{.}1$:

$/*$ myprog.c $*/$

#include

int main$()$

$\{$

sleep$(1)$;

return $0$;

$\}$

Step $2.$ After you have done the above, please run myprog under the following conditions, and observe

what happens.

$6$

Environment Variable and Set$-$UID Program Lab

CIS $495/595$

$$ Make myprogaregular program, and run it as a normal user.

$$ Make myprogaSet$-$UIDroot program, and run it as a normal user.

$$ Make myprog a Set$-$UID root program, export the LD

the root account and run it$.$

PRELOAD environment variable again in

$$ Make myprog a Set$-$UID user$1$ program $($i$.$e$.,$ the owner is user$1,$ which is another user account$),$

export the LD

PRELOAD environment variable again in a different user$$s account $($not$-$root user$)$ and

run it$.$

Step $3.$ You should be able to observe different behaviors in the scenarios described above, even though

you are running the same program. You need to figure out what causes the difference. Environment variables

play a role here. Ple