LD_LIBRARY_PATH for setuid binaries


A colleague and I got a bit surprised when on a stripped Solaris, a program refused to work cause it couldn't find a shared library. But even after setting the LD_LIBRARY_PATH environment variable, the program behaved in the same way. In cases like that, one should try to modify the global ld path, which is /etc/ on Linux, but that file is not present on Solaris. Even greater frustration arose when it turned out that setud binaries cannot be trussed, so no list of syscalls to find out where the program is looking for its libraries.

Turns out that the use of LD_LIBRARY_PATH is restricted for setuid and setgid programs, as part of the Trusted Solaris environment. However, the list of shared library directories can be extended to the list of trusted directories in /var/ld/ld.config by use of the crle command.