This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Support LD_USE_LOAD_BIAS

From: Roland McGrath <roland at redhat dot com>
To: Jakub Jelinek <jakub at redhat dot com>
Cc: Ulrich Drepper <drepper at redhat dot com>,Glibc hackers <libc-hacker at sources dot redhat dot com>
Date: Fri, 21 Nov 2003 16:28:09 -0800
Subject: Re: [PATCH] Support LD_USE_LOAD_BIAS

> I think LD_USE_LOAD_BIAS shouldn't be honored for suid/sgid, as that way
> a local attacker could disable randomization of a suid PIE and exploit it
> more easily.  This patch is on top of the previously posted one.

I agree.  You should also add it to the unsecvars.h list.

As to the original patch, I don't like the names but otherwise it seems
reasonable to me.  _dl_use_load_bias should be called _dl_load_bias_mask
since you use it that way.  For the environment variable, I think something
like LD_INHIBIT_PRELINK would be better.

Follow-Ups:
- Re: [PATCH] Support LD_USE_LOAD_BIAS
  - From: Jakub Jelinek

References:
- Re: [PATCH] Support LD_USE_LOAD_BIAS
  - From: Jakub Jelinek

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]