LD_PRELOAD from host environment should be cleared when starting an app

Currently, if the host has an LD_PRELOAD environment variable set this is leaked into the Snap environment when starting an application. This means that the linker inside the Snap will attempt to load the library indicated by the host’s LD_PRELOAD and fail because the library is invariably not exposed through confinement. Therefore it is prudent for Snapd to clear the LD_PRELOAD environment variable when starting a Snapped application.

Seems reasonable to me for strict snaps, what about classic snaps? Is there any valid use case for a classic snap to use/read LD_PRELOAD from the host given that it can use arbitrary programs from the host?

It was the strict snap usecase that I was thinking about.

For classic snaps I can see an argument either way: on the one hand a snap is supposed to be self-contained even though as classic it can access other programs so it should not load libraries into its runtime that are not shipped in the snap. On the other hand classic indicates that all rules are disabled so people might expect to be able to force the app to load any library they choose.

Personally, I would prefer that LD_PRELOAD be disabled for both strict and classic snaps to allow a snap author to be certain that what they shipped is what is actually running.