This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Never try to execute the file in ldd


On Mon, Mar 24, 2014 at 03:10:23PM -0700, Roland McGrath wrote:
> I always thought it wrong that it did that too.  But I vaguely recall being
> told there was some reason for it.  (Maybe even I thought myself there was
> an adequate reason.  I can't recall any details now.)  So we should
> understand what the past reasoning was and be sure it no longer applies
> today before we make such a change.
> 
> The only thing that comes to mind is cases where PT_INTERP points to a
> different dynamic linker, such as a from build with a special --prefix=
> setup or something stranger.  In those cases, what the vanilla rtld will
> think about search paths and so forth won't match what the actual PT_INTERP
> dynamic linker will do.
> 
> But I'm not at all sure that was the case (or was the only case) that
> motivated the current behavior.

If there's really a need to support this kind of usage, I think by
default ldd should refuse to run when PT_INTERP doesn't match its own
idea of the dynamic linker, and should require a --force-run option or
something. In the default setup, it's completely non-obvious to most
admins that ldd _runs_ the program, and the "hey, root! this program
is spewing missing symbol errors!" social-engineering exploit is a
real risk.

Rich


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]