This is the mail archive of the mailing list for the glibc project.


Re: [PATCH] Ignore LD_POINTER_GUARD for set-user-ID/set-group-ID binaries.

On 09 Oct 2015 21:59, Carlos O'Donell wrote:
> On 10/08/2015 04:44 AM, Florian Weimer wrote:
> > On 09/05/2015 06:39 PM, Hector Marco-Gisbert wrote:
> >> A weakness in the dynamic loader has been found; Glibc versions prior to
> >> 2.22.90 are affected. The issue is that LD_POINTER_GUARD in the
> >> environment is not sanitized, allowing local attackers to easily bypass
> >> the pointer guarding protection on set-user-ID and set-group-ID
> >> programs.
> >>
> >> Details of the weakness:
> >>
> >>
> >> This patch prevents disabling the pointer guarding protection for
> >> set-user-ID/set-group-ID programs.
> >>
> >> For example, executing "LD_POINTER_GUARD=0 /bin/ping" does not disable
> >> the pointer guarding protection unless it is directly executed by root
> >> (rUID==eUID).
> > 
> > Does anyone actually use LD_POINTER_GUARD for debugging?  Maybe we can
> > simply retire the environment variable instead.
> I vote we remove it. It has long since passed the point of usefulness.
> With a proper tunables infrastructure we would have added it in one release
> while we tested things, and then removed it one or two releases later.

sounds fine to me.  punt it and be done.
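The rUID==eUID / rGID==eGID decision the patch describes, shown as an added illustration (not glibc's code and not the patch itself): an environment setting that weakens a hardening feature is honoured only when the process was not started set-user-ID or set-group-ID. The scenario values (a user with UID 1000 running a set-user-ID ping versus root running it directly) are constructed from the example in the mail.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed stand-in for the check the patch adds: the environment is
   trusted only when real and effective identities match, i.e. the binary
   was not started set-user-ID/set-group-ID. (glibc itself consults the
   kernel-supplied AT_SECURE flag for this; the ID comparison here is the
   same idea expressed so it can be exercised with constructed values.) */
static int env_is_trusted(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == euid && rgid == egid;
}

/* Models the behaviour described for LD_POINTER_GUARD after the patch:
   returns 1 if pointer guarding stays enabled, 0 if the variable is
   allowed to disable it. 'value' is the LD_POINTER_GUARD string or NULL
   when the variable is unset; "0" is the value that requests disabling. */
static int pointer_guard_enabled(const char *value, uid_t ruid, uid_t euid,
                                 gid_t rgid, gid_t egid)
{
    if (value == NULL)
        return 1;                        /* unset: guard stays on */
    if (!env_is_trusted(ruid, euid, rgid, egid))
        return 1;                        /* set-ID context: ignore it */
    return strcmp(value, "0") != 0;      /* trusted context: "0" disables */
}

/* Same decision for the running process, using its real identity. */
static int pointer_guard_enabled_here(void)
{
    return pointer_guard_enabled(getenv("LD_POINTER_GUARD"),
                                 getuid(), geteuid(), getgid(), getegid());
}

int main(void)
{
    /* Constructed scenarios from the mail's ping example. */
    printf("user (uid 1000) runs set-uid ping with LD_POINTER_GUARD=0: guard %s\n",
           pointer_guard_enabled("0", 1000, 0, 1000, 1000) ? "kept" : "disabled");
    printf("root runs ping directly with LD_POINTER_GUARD=0: guard %s\n",
           pointer_guard_enabled("0", 0, 0, 0, 0) ? "kept" : "disabled");
    printf("this process: guard %s\n",
           pointer_guard_enabled_here() ? "kept" : "disabled");
    return 0;
}
```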

