[PATCH v9] Add getentropy, getrandom, <sys/random.h> [BZ #17252]

Florian Weimer fweimer@redhat.com
Tue Dec 6 16:59:00 GMT 2016


On 12/06/2016 05:55 PM, Joseph Myers wrote:
> On Tue, 6 Dec 2016, Zack Weinberg wrote:
>
>> On the assumption that this _is_ the issue, I am going to write a script
>> that scans the Debian archive for existing binaries containing
>> definitions (exported or not) of getentropy and/or getrandom, and will
>> report what it tells me -- this will probably take a couple days to
>> cycle all the way through.
>
> You can't generally tell for a stripped executable whether there's a
> getentropy function in there - only if it's unstripped, or linked with
> -rdynamic, or linked with glibc that defines getentropy and so exports it
> in the dynamic symbol table for that reason.  You could scan shared
> libraries for bogus exports, but I don't see how you could test for
> executables that would cause a problem when linked with new glibc without
> doing a full archive rebuild with patched glibc.

Agreed.  Another complication is that there are cases where you get 
getentropy only if HAVE_GETRANDOM is defined.

What do you suggest we should do if we detect unintended interposition 
(assuming we decide to use the version without redirection first)?

Thanks,
Florian
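
The kind of scan discussed in this message, as an added example that is not part of the original e-mail or of the glibc patch: it reads the `.dynsym` section of an ELF64 little-endian file and reports which of `getentropy` and `getrandom` the file defines rather than imports. The function name `defined_dynsyms` and the restriction to ELF64 little-endian are assumptions of this sketch.

```python
import struct
import sys

WATCHED = {"getentropy", "getrandom"}   # the two names from the thread
SHT_DYNSYM, SHN_UNDEF = 11, 0           # constants from the ELF specification
STB_GLOBAL, STB_WEAK = 1, 2


def defined_dynsyms(image, watched=WATCHED):
    """Return the watched names that an ELF64 little-endian image defines
    (not merely references) in its dynamic symbol table."""
    if image[:4] != b"\x7fELF" or image[4:6] != b"\x02\x01":
        raise ValueError("not an ELF64 little-endian image")
    (shoff,) = struct.unpack_from("<Q", image, 0x28)
    shentsize, shnum = struct.unpack_from("<HH", image, 0x3A)
    # Section header fields: name, type, flags, addr, offset, size, link, info, align, entsize
    sections = [struct.unpack_from("<IIQQQQIIQQ", image, shoff + i * shentsize)
                for i in range(shnum)]
    found = set()
    for sec in sections:
        if sec[1] != SHT_DYNSYM:
            continue
        sym_off, sym_size, link, entsize = sec[4], sec[5], sec[6], sec[9] or 24
        if link >= len(sections):
            raise ValueError("sh_link of .dynsym is out of range")
        str_off, str_size = sections[link][4], sections[link][5]
        strtab = image[str_off:str_off + str_size]
        for pos in range(sym_off, sym_off + sym_size, entsize):
            st_name, st_info, _other, st_shndx, _value, _size = \
                struct.unpack_from("<IBBHQQ", image, pos)
            if st_shndx == SHN_UNDEF or st_info >> 4 not in (STB_GLOBAL, STB_WEAK):
                continue  # an import from another object, or a local symbol
            end = strtab.find(b"\0", st_name)
            raw = strtab[st_name:end if end != -1 else len(strtab)]
            if raw.decode("ascii", "replace") in watched:
                found.add(raw.decode("ascii", "replace"))
    return sorted(found)


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            try:
                hits = defined_dynsyms(fh.read())
            except (ValueError, struct.error) as exc:
                print(f"{path}: skipped ({exc})")
                continue
        print(f"{path}: {', '.join(hits) or 'no definitions in .dynsym'}")
```

An empty result for an executable only means the name is not in the dynamic symbol table; as the quoted reply notes, a stripped executable can still contain its own definition.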


