This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Support LD_USE_LOAD_BIAS


Hi!

I think LD_USE_LOAD_BIAS shouldn't be honored for suid/sgid, as that way
a local attacker could disable randomization of a suid PIE and exploit it
more easily.  This patch is on top of the previously posted one.

2003-11-22  Jakub Jelinek  <jakub@redhat.com>

	* elf/rtld.c (process_envvars): Only honor LD_USE_LOAD_BIAS
	if !__libc_enable_secure.

--- libc/elf/rtld.c.jj	2003-11-21 23:46:17.000000000 +0100
+++ libc/elf/rtld.c	2003-11-22 01:12:55.000000000 +0100
@@ -2005,7 +2005,8 @@ process_envvars (enum mode *modep)
 #ifdef EXTRA_LD_ENVVARS_13
 	  EXTRA_LD_ENVVARS_13
 #endif
-	  if (memcmp (envline, "USE_LOAD_BIAS", 13) == 0)
+	  if (!INTUSE(__libc_enable_secure)
+	      && memcmp (envline, "USE_LOAD_BIAS", 13) == 0)
 	    GL(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
 	  break;
 


	Jakub


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]