Manualshelf

HP-UX 11i Java™ JDK/JRE Version 6.0.22 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Java Software
15161718192021222324
Now it is allowed, but patches must be installed, the SHLIB_PATH and
LD_LIBRARY_PATH environment variables must be set, and a configuration file must
be set up.
The HP-UX 11i September 2005 Quality Pack patch bundle provided support for /etc/
dld.sl.conf, which allows system administrators to specify a list of trusted paths on
the system. When executing within a setuid environment, the dynamic loader will
compare the paths in SHLIB_PATH/LD_LIBRARY_PATH against the list of trusted paths
found in /etc/dld.sl.conf. If the path is a trusted path, then it will be used for library
lookup.
Users can run Java from a setuid environment if the jre and jli paths are added to
the /etc/dld.sl.conf file as shown below and the
SHLIB_PATH/LD_LIBRARY_PATH is set:
cat /etc/dld.sl.conf:
<java6>/jre/lib/PA_RISC2.0
<java6>/jre/lib/PA_RISC2.0/server
<java6>/jre/lib/PA_RISC2.0/jli
<java6>/jre/lib/PA_RISC2.0W
<java6>/jre/lib/PA_RISC2.0W/server
<java6>/jre/lib/PA_RISC2.0W/jli
<java6>/jre/lib/IA64N
<java6>/jre/lib/IA64N/server
<java6>/jre/lib/IA64N/jli
<java6>/jre/lib/IA64W
<java6>/jre/lib/IA64W/server
<java6>/jre/lib/IA64W/jli
echo
$SHLIB_PATH=<java6>/jre/lib/PA_RISC2.0:<java6>/jre/lib/PA_RISC2.0/server:
<java6>/jre/lib/PA_RISC2.0/jli:<java6>/jre/lib/PA_RISC2.0W:
<java6>/jre/lib/PA_RISC2.0W/server:<java6>/jre/lib/PA_RISC2.0W/jli:
<java6>/jre/lib/IA64N:<java6>/jre/lib/IA64N/server:<java6>/jre/lib/IA64N/jli:
<java6>/jre/lib/IA64W:<java6>>/jre/lib/IA64W/server:java6>/jre/lib/IA64W/jli
The conf file should be writable only by root. Otherwise, the loader does not use its
contents. If /etc/dld.sl.conf does not exist or has the wrong permissions, all dynamic
path lookup is disabled. Any relative paths (paths not starting with slash (/) in the path
list are ignored by the loader.
For more information on the /etc/dld.sl.conf file, check the manpage entry for
dld.sl. This file is only referenced when the application is executing within a setuid
environment.
On PA-RISC HP-UX 11.11 systems, users can launch Java from a setuid application if
they install linker patch PHSS_35385 (or its superseding patch) on the system, set
SHLIB_PATH and LD_LIBRARY_PATH, and set up /etc/dld.sl.conf as shown
above.
On PA-RISC and Integrity HP-UX 11.23 and 11.31 systems, users can launch Java from
a setuid application if they install linker patch PHSS_37201 (11.23), PHSS_37202
(11.31) or their superseding patches, set SHLIB_PATH and LD_LIBRARY_PATH, and
set up /etc/dld.sl.conf as described above.
22