Autor: Dengler, Gabriel Datum: To: exim-users Betreff: Re: [exim] Exim in Gramine: defining search path for loading
dynamic libraries
Hey Jeremy,
thanks, setting keep_environment = LD_LIBRARY_PATH in the main
configuration file seemed to do the trick.
About the security caveats: do you think that there could be bigger
security issues if the code runs in an isolated environment like Gramine
is? Or can you sketch how a possible security attack could look?
Best regards,
Gabriel
On 02.11.22 16:50, Jeremy Harris via Exim-users wrote:
> On 31/10/2022 21:57, Dengler, Gabriel via Exim-users wrote:
>
>> Currently unsolved is a problem regarding the LD_LIBRARY_PATH: in
>> Gramine, you can define which libraries have to be loaded.
>
> If that operates by setting an LD_LIBRARY_PATH env var,
> you could try adding that to the main-config option
> "keep_environment".
>
> Do read the manual section on it regarding security caveats.