COMMAND

    rld

SYSTEMS AFFECTED

    IRIX 5.x, 6.x

PROBLEM

    A security vulnerability  has been found  with the runtime  linker
    program, rld, distributed in IRIX 5.x and 6.x.

    Silicon Graphics  Inc. has  investigated the  issue and recommends
    the following steps for neutralizing  the exposure.  It is  HIGHLY
    RECOMMENDED that these measures  be implemented on ALL  vulnerable
    SGI systems  running IRIX  5.x and  6.x versions.   This issue has
    been  corrected  in  more  recent  releases  of  IRIX  and will be
    corrected in future releases of IRIX.

    With  normal  installation,  the  runtime  loader  comes  from the
    compiler_eoe.sw.unix  subsystem  and   installs  the  program   as
    /lib/rld.   The  compiler_eoe.sw.unix  subsystem  is  installed by
    default on all systems.

    When running setuid and setgid programs, the rld program could  be
    manipulated to bypass existing permissions.   Local non-privileged
    users could gain root access.

SOLUTION

    Unfortunately, there are no immediate or temporary workarounds for
    this issue.  The issue can only be addressed with a patch.  The
    patches are listed below and can be obtained from the SGI anonymous
    FTP site:

        System OS    Patch
        ------------------
        IRIX 5.3     2064
        IRIX 6.1     2063
        IRIX 6.2     2044
        IRIX 6.3     2044
        IRIX 6.4     2044

    The SGI  anonymous FTP  site is  sgigate.sgi.com (204.94.209.1) or
    its mirror, ftp.sgi.com.