This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: The LD_AUDIT interface is here to stay?
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: Rich Felker <dalias at libc dot org>, libc-alpha at sourceware dot org
- Date: Fri, 05 Sep 2014 14:50:35 -0400
- Subject: Re: The LD_AUDIT interface is here to stay?
- Authentication-results: sourceware.org; auth=none
- References: <5409CC98 dot 7000206 at redhat dot com> <20140905181558 dot GQ23797 at brightrain dot aerifal dot cx>
On 09/05/2014 02:15 PM, Rich Felker wrote:
> On Fri, Sep 05, 2014 at 10:45:44AM -0400, Carlos O'Donell wrote:
>> Roland,
>>
>> Have we ever talked about removing the LD_AUDIT interface?
>>
>> I heard a rumour from someone that said someone said we
>> might remove it.
>>
>> For what it's worth I really like the LD_AUDIT interface,
>> it enables some very cool features like `latrace' and
>> others. It's a well tested and understood interface we
>> inherited from Solaris.
>>
>> I think these rumours are false and I told this someone
>> that LD_AUDIT is here to stay :-)
>
> While removing it would probably be contrary to the way glibc does
> things, I would support serious hardening of it, and possibly
> providing a way to completely omit it at compile-time for hardened
> systems. It's been a historical source of quite a few vulns that
> should never have happened.
I agree, but I have no plans to work on that right now.
I do have plans to expand LD_AUDIT slightly, but nothing major.
I'll raise these thoughts in another email.
Cheers,
Carlos.