This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
On Wed, Dec 30, 2015 at 02:55:26AM +0300, Dmitry V. Levin wrote:
> On Tue, Dec 29, 2015 at 05:31:08PM -0500, Mike Frysinger wrote:
> > On 29 Dec 2015 20:42, Dmitry V. Levin wrote:
> > > This change started its life as commit 207e77fd3f0a94acdf0557608dd4f10ce0e0f22f,
> > > it's in wide use, it was rebased and reviewed several times.
> >
> > where ?
>
> It's in Fedora since glibc-2.13.90-12 (13.05.2011).
> I reviewed it twice at least.
>
> > links to discussions would be helpful,
>
> It's a follow-up to the series of commits made to fix
> https://sourceware.org/bugzilla/show_bug.cgi?id=12393
>
> I have no idea why it remained in fedora branch and hasn't been merged
> to master.
>
> > as would a more verbose explanation.
>
> The idea is, as the subject says, never to leave $ORIGIN unexpanded:
> if a privileged executable's rpath element contains $ORIGIN in a position
> that is not allowed for expansion in privileged executables, this rpath
> element shouldn't be left as is, it should be discarded.

So the question is, whether we consider the current ld.so behaviour safe
or not:

$ rm -rf '$ORIGIN' && mkdir -m0700 '$ORIGIN' && ln -snf /dev/null '$ORIGIN/libc.so.6' && echo 'int main(){}' |gcc -xc - -Wl,-rpath,'./$ORIGIN' && chgrp -h another_group a.out && chmod 02710 a.out && ./a.out
./a.out: error while loading shared libraries: ./$ORIGIN/libc.so.6: file too short

If we agree that it's unsafe, then the fix is ready to be applied.

--
ldv
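
An audit check for the situation this message describes, added here as an example and not taken from the thread or from glibc: it scans `readelf -d` output for RPATH/RUNPATH elements whose $ORIGIN a privileged process would not expand, and lists what is left once those elements are discarded as the message proposes. The position rule (token first in the element, followed by `/` or the end of the element), the function names and the sample output are assumptions of this example.

```python
import re

# Constructed `readelf -d` excerpt for a hypothetical binary (not from the thread).
SAMPLE_READELF = """\
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000f (RPATH)              Library rpath: [./$ORIGIN:$ORIGIN/../lib:/opt/app/lib:lib/${ORIGIN}]
"""

PATH_ENTRY = re.compile(r"\((?:RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[(.*)\]")
# $ORIGIN must end the element or be followed by '/'; ${ORIGIN} is always a token.
ORIGIN_TOKEN = re.compile(r"\$(?:ORIGIN(?=/|$)|\{ORIGIN\})")


def classify(element):
    """Return 'plain', 'expandable' or 'unexpandable' for one rpath element."""
    tokens = list(ORIGIN_TOKEN.finditer(element))
    if not tokens:
        return "plain"
    first = tokens[0]
    follows = element[first.end():first.end() + 1]
    # Assumed privileged-mode rule: a single token, at the very start of the
    # element, followed by '/' or nothing. Anything else is not expanded.
    if len(tokens) == 1 and first.start() == 0 and follows in ("", "/"):
        return "expandable"
    return "unexpandable"


def privileged_search_path(rpath):
    """Elements left after discarding those whose $ORIGIN cannot be expanded."""
    return [e for e in rpath.split(":") if classify(e) != "unexpandable"]


def findings(readelf_text):
    """Unexpandable elements found in RPATH/RUNPATH lines of `readelf -d` output."""
    found = []
    for match in PATH_ENTRY.finditer(readelf_text):
        found += [e for e in match.group(1).split(":") if classify(e) == "unexpandable"]
    return found


if __name__ == "__main__":
    for element in findings(SAMPLE_READELF):
        print("rpath element would be used literally in a privileged run:", element)
```

Running `findings()` over the dynamic sections of setuid and setgid binaries shows which rpath elements fall into the case discussed above.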