This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi! I think LD_USE_LOAD_BIAS shouldn't be honored for suid/sgid, as that way a local attacker could disable randomization of a suid PIE and exploit it more easily. This patch is on top of the previously posted one. 2003-11-22 Jakub Jelinek <jakub@redhat.com> * elf/rtld.c (process_envvars): Only honor LD_USE_LOAD_BIAS if !__libc_enable_secure. --- libc/elf/rtld.c.jj 2003-11-21 23:46:17.000000000 +0100 +++ libc/elf/rtld.c 2003-11-22 01:12:55.000000000 +0100 @@ -2005,7 +2005,8 @@ process_envvars (enum mode *modep) #ifdef EXTRA_LD_ENVVARS_13 EXTRA_LD_ENVVARS_13 #endif - if (memcmp (envline, "USE_LOAD_BIAS", 13) == 0) + if (!INTUSE(__libc_enable_secure) + && memcmp (envline, "USE_LOAD_BIAS", 13) == 0) GL(dl_use_load_bias) = envline[14] == '1' ? -1 : 0; break; Jakub
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |