The LD_AUDIT interface is here to stay?
Carlos O'Donell
carlos@redhat.com
Fri Sep 5 18:50:00 GMT 2014
On 09/05/2014 02:15 PM, Rich Felker wrote:
> On Fri, Sep 05, 2014 at 10:45:44AM -0400, Carlos O'Donell wrote:
>> Roland,
>>
>> Have we ever talked about removing the LD_AUDIT interface?
>>
>> I heard a rumour from someone that said someone said we
>> might remove it.
>>
>> For what it's worth I really like the LD_AUDIT interface,
>> it enables some very cool features like `latrace' and
>> others. It's a well tested and understood interface we
>> inherited from Solaris.
>>
>> I think these rumours are false and I told this someone
>> that LD_AUDIT is here to stay :-)
>
> While removing it would probably be contrary to the way glibc does
> things, I would support serious hardening of it, and possibly
> providing a way to completely omit it at compile-time for hardened
> systems. It's been a historical source of quite a few vulns that
> should never have happened.
I agree, but I have no plans to work on that right now.
I do have plans to expand LD_AUDIT slightly, but nothing major.
I'll raise these thoughts in another email.
Cheers,
Carlos.
More information about the Libc-alpha
mailing list