Message-ID: <CABz95_B=geCCmA7SO0raoaoG0GnQJd9dWag23StnRu3j3MgaKQ@mail.gmail.com>
Date: Sat, 14 Jun 2014 17:27:33 +0100
From: Steven Honeyman <stevenhoneyman@...il.com>
To: musl@...ts.openwall.com
Subject: Re: Binaries compiled with musl (1.1.2) are vulnerable to an ancient ldd exploit

A quick search suggests it's been "patched" in Debian, Redhat, Owl
glibc packages at least, but not upstream yet for some reason.
If that libc-alpha commit makes it through (eventually!) then agreed,
this is no longer an issue.

On 14 June 2014 17:24, Rich Felker <dalias@...c.org> wrote:
> On Sat, Jun 14, 2014 at 08:14:01PM +0400, Solar Designer wrote:
>> Rich,
>>
>> On Sat, Jun 14, 2014 at 12:02:43PM -0400, Rich Felker wrote:
>> > (Actually, I think
>> > this issue may be fixed in modern glibc ldd, but I'm not sure.)
>>
>> IIRC, we have this worked around in patched glibc's ldd on Owl by having
>> it always explicitly run the program through /lib/ld-linux.so.2, which
>> obviously does interpret its env vars that the ldd script sets. That ldd
>> script assumes glibc's /lib/ld-linux.so.2 anyway (env vars, exit codes).
>
> One improvement to this, if one wants to support multiple glibc
> installations with different interpreters, would be parsing the
> PT_INTERP from the binary, then exec'ing it in a way that inhibits
> suid if the pointed-to binary happens to be suid. (One idea is
> open+fstat+fexecve; another is ptrace+exec, where ptrace just serves
> to inhibit suid.)
>
>> I don't know why upstream glibc would not(?) patch the issue that way.
>> It's a trivial change. Is there some WONTFIX for this in glibc Bugzilla
>> already? Sounds like material for your blog if so. ;-)
>
> There was a new patch for this issue on the libc-alpha list back in
> March of this year, but I don't think it's been committed yet. See
> "[PATCH] Never try to execute the file in ldd", Message-ID:
> <mvma9cfobqi.fsf@...king.suse.de>.
>
> Rich