• cristy's avatar
    Improve security of magick.sh · 3e428d31
    cristy authored
    Many wrapper scripts contain things like
    
            export LD_LIBRARY_PATH=foo:$LD_LIBRARY_PATH
    
    This is bad because if LD_LIBRARY_PATH is unset, it will expand to
    
            LD_LIBRARY_PATH=foo:
    
    which is interpreted as
    
            LD_LIBRARY_PATH=foo:.
    
    This means that the current directory is searched for libraries before
    /lib and /usr/lib, which can have security implications.
    
    This means that the current directory is searched for libraries before
    
    The fix is to use "${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" instead of
    ":$LD_LIBRARY_PATH". This will get rid of the colon if LD_LIBRARY_PATH
    is unset.
    3e428d31
magick.sh.in 1.53 KB