This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
On Wed, Dec 30, 2015 at 02:55:26AM +0300, Dmitry V. Levin wrote:
> On Tue, Dec 29, 2015 at 05:31:08PM -0500, Mike Frysinger wrote:
> > On 29 Dec 2015 20:42, Dmitry V. Levin wrote:
> > > This change started its life as commit 207e77fd3f0a94acdf0557608dd4f10ce0e0f22f,
> > > it's in wide use, it was rebased and reviewed several times.
> >
> > where ?
>
> It's in Fedora since glibc-2.13.90-12 (13.05.2011).
> I reviewed it twice at least.
>
> > links to discussions would be helpful,
>
> It's a follow-up to the series of commits made to fix
> https://sourceware.org/bugzilla/show_bug.cgi?id=12393
>
> I have no idea why it remained in fedora branch and hasn't been merged
> to master.
>
> > as would a more verbose explanation.
>
> The idea is, as the subject says, never to leave $ORIGIN unexpanded:
> if a privileged executable's rpath element contains $ORIGIN in a position
> that is not allowed for expansion in privileged executables, this rpath
> element shouldn't be left as is, it should be discarded.
So the question is, whether we consider the current ld.so behaviour safe or not:
$ rm -rf '$ORIGIN' && mkdir -m0700 '$ORIGIN' &&
ln -snf /dev/null '$ORIGIN/libc.so.6' &&
echo 'int main(){}' |gcc -xc - -Wl,-rpath,'./$ORIGIN' &&
chgrp -h another_group a.out && chmod 02710 a.out && ./a.out
./a.out: error while loading shared libraries: ./$ORIGIN/libc.so.6: file too short
If we agree that it's unsafe, than the fix is ready to be applied.
--
ldv
Attachment:
signature.asc
Description: PGP signature
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |