MacOS – Unable to set DYLD_FALLBACK_LIBRARY_PATH in shell on OSX 10.11.1

bashcommand linedynamic libraryenvironment-variablesmacos

In shell scripts used for unit testing with dynamic libraries in a directory other than the typical @rpath, I have previously been able to set DYLD_FALLBACK_LIBRARY_PATH to set the directory containing the libraries. Under 10.11.1, bash seems to ignore attempts to set this environment variable:

$ sh -x testscript.sh
+ DYLD_FALLBACK_LIBRARY_PATH=/Users/something/testinglibs
+ export DYLD_FALLBACK_LIBRARY_PATH
+ exec printenv

and DYLD_FALLBACK_LIBRARY_PATH is not present in printenv's output.

Is this a security-related hack in 10.11's shell? I haven't been able to find this change documented in man pages or online.

Best Answer

This is System Integrity Protection introduced in El Capitan

Documentation is in this from Apple

Basically any Apple supplied OS X executables are protected. and (from an earlier document)

Spawning children processes of processes restricted by System Integrity Protection, such as by launching a helper process in a bundle with NSTask or calling the exec(2) command, resets the Mach special ports of that child process. Any dynamic linker (dyld) environment variables, such as DYLD_LIBRARY_PATH, are purged when launching protected processes.

In this case sh is protected

Related Question