Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110816124600.GA15681@albatros>
Date: Tue, 16 Aug 2011 16:46:00 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: musl@...ts.openwall.com
Subject: Re: LD_PRELOAD and RTLD_NEXT support

On Tue, Aug 16, 2011 at 07:47 -0400, Rich Felker wrote:
> > 1) This check should be extended to support AT_SECURE (dumpable flag,
> > any LSM security domains, capabilities).
> 
> Indeed, I'll add this. Do I just check for aux[AT_SECURE] != 0?

Looks like so.

glibc has some crazy dance with these flags and get*id() values, which
we patch in Owl ;-)


> > 2) As you check for (aux[0] & 0x7800) you assume some of these elements
> > can be absent.  I feel it's wrong to assume you're not s*id'ed in this
> 
> You misread the test. Absence of any of the 4 fields causes the
> program to be treated as if it were suid.

Ah, sure.


...btw, I feel it would be cleaner if you check for untrusted environment
at the time of initializing env_* variables.  Currently there is not
much code between env_X assignment and zeroing, but it might be in the
future (with addition of ld features, etc.).

    for (p = argv+i; ... ) {
        if (is_secure_env)
            env_path = ...

-- 
Vasiliy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.