LD_LIBRARY_PATH ignored on Android sometimes

Question

i have an android app which spawns many native executables dinamically linked with libraries i distribute with the package. To launch those binaries, i use the LD_LIBRARY_PATH e

Answer 1

This is not a kernel related issue, but an LD related issue: The loading of libraries is entirely in user mode, not kernel mode, so the kernel would have nothing to do with it. The kernel is only responsible for transferring control to ld, which loops over the DYNAMIC section of the ELF binary, loading any libraries, and figuring out what to do with environment variables like LD_PRELOAD and LD_PRELOAD.

The variables, however, can pose an inherent security risk: LD_LIBRARY_PATH enables you to put your own paths before the system defaults (/lib or - in Android, /system/lib). LD_PRELOAD is even worse, because it force loads (shoves) your library into the process, whether or not the process requested it - which can lead to injection of malicious code into a sensitive process. For this reason, this is not allowed on root Setuid processes. If you are in a root shell, however (i.e. on a rooted phone), most devices will allow it. The vendor might modify the LD, leading to your problems.

What you can do to work around:

• Easiest: remount /system as read/write (mount -o remount /system), and copy your libraries to /system/lib. Will require rooted phone

• Smartest: Statically link your libraries into your binary, while maintaing the other (system) libraries dynamic

Hope this helps,

TG