public inbox for [email protected]  
help / color / mirror / Atom feed
From: Tom Lane <[email protected]>
To: Thomas Munro <[email protected]>
Cc: Andres Freund <[email protected]>
Cc: John Naylor <[email protected]>
Cc: pgsql-hackers <[email protected]>
Subject: Re: [RFC] building postgres with meson
Date: Thu, 14 Oct 2021 19:04:27 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
	<CAFBsxsHwt7fvLKMCNkJQex-TpYb+CuX1RSBxbCEQ4Lb_FtgsVA@mail.gmail.com>
	<[email protected]>
	<CAFBsxsGOeT1cKp6iVjTTWQL+Vwt3cZgV4nOK2+zju4OLv6+TmA@mail.gmail.com>
	<[email protected]>
	<CAFBsxsEqZ1cCayUEd6nS7sS9Pv29G-hkJLbqE1wUmtG1AP4xcg@mail.gmail.com>
	<[email protected]>
	<CAFBsxsF2oeU3VUkB-TtvuJXAvyxHAQcweHDPAO0EC=e4BgC=yQ@mail.gmail.com>
	<CAFBsxsHfwZYDUOa1+KuW21WDJr+ONscE5ATgvfEBO7mgJHuWPA@mail.gmail.com>
	<[email protected]>
	<[email protected]>
	<CA+hUKGJcPZoJgQuwF3NOxymg6KW6azChcjFXB4fgbLQFBSXy0A@mail.gmail.com>
	<[email protected]>

I wrote:
> I recall that we figured out awhile ago that the environment gets trimmed
> when make (or whatever) executes some command via the shell; seemingly,
> Apple has decided that /bin/sh is a security-critical program that mustn't
> be run with a non-default DYLD_LIBRARY_PATH.  Dunno if that helps you
> find where the damage is done exactly.

BTW, here's the evidence for this theory:

[tgl@pro ~]$ cat checkenv.c
#include <stdio.h>
#include <stdlib.h>

int
main(int argc, char **argv)
{
  char *pth = getenv("DYLD_LIBRARY_PATH");

  if (pth)
    printf("DYLD_LIBRARY_PATH = %s\n", pth);
  else
    printf("DYLD_LIBRARY_PATH is unset\n");

  return 0;
}
[tgl@pro ~]$ gcc checkenv.c
[tgl@pro ~]$ ./a.out
DYLD_LIBRARY_PATH is unset
[tgl@pro ~]$ export DYLD_LIBRARY_PATH=/Users/tgl/pginstall/lib
[tgl@pro ~]$ ./a.out
DYLD_LIBRARY_PATH = /Users/tgl/pginstall/lib
[tgl@pro ~]$ sh -c ./a.out
DYLD_LIBRARY_PATH is unset
[tgl@pro ~]$ ./a.out
DYLD_LIBRARY_PATH = /Users/tgl/pginstall/lib
[tgl@pro ~]$ bash -c ./a.out
DYLD_LIBRARY_PATH is unset

You have to check the environment using an "unprivileged" program.
If you try to examine the environment using, say, "env", you will get
very misleading results.  AFAICT, /usr/bin/env is *also* considered
security-critical, because I cannot get it to ever report that
DYLD_LIBRARY_PATH is set.

Hmm ... /usr/bin/perl seems to act the same way.  It can see
ENV{'PATH'} but not ENV{'DYLD_LIBRARY_PATH'}.

This may indicate that they've applied this policy on a blanket
basis to everything in /bin and /usr/bin (and other system
directories, maybe), rather than singling out the shell.

			regards, tom lane





view thread (130+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected]
  Subject: Re: [RFC] building postgres with meson
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox