PROBLEM, the dynamical linker, adds shared libraries to  the
    memoryspace of a  program to be  started.  Its  flexibility allows
    for some  environment variables  to influence  the linking process
    such as preloading shared libraries  as well as defining the  path
    in which the linker will search for the shared libraries.  Special
    care   must   be   exercised   when   runtime-linking  setuid-  or

    The runtime-linker must not link against user-specified  libraries
    since the code therein would then run with the elevated privileges
    of the suid binary.

    The runtime-linker as used  in the SuSE distributions  ignores the
    content of  the critical  environment variables  if the  specified
    path begins with  a slash ("/"),  or if the  library file name  is
    not cached (eg  it is contained  in a path  from /etc/
    However, Solar Designer has found out that even preloading  glibc-
    native  shared  libraries  can  be  dangerous:   The  code  in the
    user-linked library is not aware of the fact that the binary  runs
    with suid  or sgid  privileges.   Using debugging  features of the
    glibc (and  possibly other  features) it  is possible  for a local
    attacker to overwrite arbitrary files with the elevated privileges
    of the suid/sgid binary executed.   This may lead to a local  root

    The upcoming SuSE-7.1  distribution is based  on glibc-2.2.   This
    distribution is not affected by the security problems in glibc  as
    discussed in security forums.


    For SuSE Linux:

    For Conectiva Linux:

    For TurboLinux:

    For Debian: