HP-UX Reference (11i v2 07/12) - 1 User Commands A-M (vol 1)
l
ld_ia(1)
Integrity Systems Only
ld_ia(1)
Performance
Performance of the incremental linker may suffer greatly if you change a high percentage of object files.
The incremental linker may not link small programs much faster, and the relative increase in size of the
executable is greater than that for larger programs.
Do not use the incremental linker to create final production modules. Because it reserves additional pad-
ding space, modules created by the incremental linker are considerably larger than those created in regular
links.
Security Restrictions
On a system that supports fine-grained privileges, if a process gains any privileges from the binary’s
extended attributes, dynamic path lookup is disabled. Similarly, on a system that supports compartments,
if a process changes compartment due to the binary’s extended attributes, the dynamic path lookup is dis-
abled.
See setfilexsec(1M) on how to set extended attributes on a binary. See privileges(5) and compartments(5)
for more information on privileges and compartments.
Linking Secure Programs
Secure programs are programs that are commonly run by privileged users, such as
root, or programs that
run with elevated privileges due to
setuid or setgid protection. Yous should take special precautions
when linking secure programs that use shared libraries. The default linker behavior may be sufficient for
secure PA-RISC 32-bit applications, but not for PA-RISC 64-bit or Integrity system applications.
Secure programs should be linked with the option +noenvvar to disable the use of SHLIB_PATH and
LD_LIBRARY_PATH for locating shared library dependencies. Secure programs should also link with
+nodefaultrpath to prevent the automatic construction of an embedded search path based on search
directories specified with
-L options. Most directories searched at link time don’t need to be searched at
run time, and if these directories are specified as relative paths, they expose the program to the same secu-
rity risks as the use of SHLIB_PATH and LD_LIBRARY_PATH
.
Programs built with
+compat are linked as if +noenvvar
and +nodefaultrpath were specified.
However, additional PA-RISC 32-bit compatibility features are also enabled by +compat.
Normal programs that depend on libraries that only exist in a directory specified in
SHLIB_PATH
or
LD_LIBRARY_PATH must not be linked with
+noenvvar, and if +compat is used, +s must also be
used to enable searching
SHLIB_PATH and LD_LIBRARY_PATH
. Programs that depend on
SHLIB_PATH or LD_LIBRARY_PATH
cannot be protected as setuid or setgid programs.
dld uses the dynamic path lookup (with SHLIB_PATH and LD_LIBRARY_PATH
) only if the following
conditions are satisfied:
getuid() == geteuid() && getgid() == getegid()
That is, if the uid or gid does not match its effective counterpart, dld
does not check the directories
specified in
SHLIB_PATH and LD_LIBRARY_PATH
, which causes the runtime error "library not
found
".
EXTERNAL INFLUENCES
Environment Variables
LDOPTS Arguments can be passed to the linker through the LDOPTS environment variable as well
as on the command line. The linker gets the value of LDOPTS and places its contents
before any arguments on the command line.
LPATH Specifies default directories to search for library files. See the -l option.
LD_LIBRARY_PATH and SHLIB_PATH
Specifies, at runtime, directories to search for library files. See the -s option and the
+help option for the Online HP-UX Linker and Libraries User’s Guide for more informa-
tion.
The following internationalization variables affect the execution of ld:
LANG Determines the locale category for native language, local customs and coded character set
in the absence of LC_ALL and other LC_* environment variables. If LANG is not
specified or is set to the empty string, a default of C (see lang(5)) is used instead of LANG.
514 Hewlett-Packard Company − 17 − HP-UX 11i Version 2: December 2007 Update