[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-hardened
Subject: Re: [gentoo-hardened] hardened-gcc mission critical update 1.5
From: Ned Ludd <solar () gentoo ! org>
Date: 2003-08-18 3:07:15
[Download RAW message or body]
[Attachment #2 (multipart/mixed)]
On Sun, 2003-08-17 at 12:03, Alexander Gabert wrote:
[snip]
So after reading this I thought to myself I don't want to update my
entire world again so I wrote a little shell script to search everything
in my path to look for what you said, however interestingly enough I
could not find a single program which had it's .interp section linked to
/lib/ld-2.3.2.so as you described.
I'm currently using hardened-gcc-1.4 and I assume that this bug is only
present in ~hppa
Attached is a script I used to try and locate broken packages.
>
> this is the old behaviour which will bring massive problems when glibc
> is updated:
> 17:56:24 pappy@crusade pappy $ readelf -a /bin/ping | grep -i interp
> INTERP 0x00a328 0x0000a328 0x0000a328 0x00011 0x00011 R 0x1
> [Requesting program interpreter: /lib/ld-2.3.2.so]
>
> the new update-proof behaviour:
> 17:56:29 pappy@crusade pappy $ readelf -a /usr/bin/ssh | grep -i interp
> INTERP 0x0000f4 0x000000f4 0x000000f4 0x00026 0x00026 R 0x1
> [Requesting program interpreter: /lib/ld-linux.so.2]
>
> Remember that on hppa the softlink is not the same but the ebuild will
> take care once hppa is getting another glibc bug fixed concerning %r19.
>
> Every user of hardened-gcc should emerge the new hardened-gcc and then
> emerge --emptytree --update --verbose world to make sure no single
> program is using the old interpreter link any more.
>
> this is a "forward bug" warning which will have no effect until the
> glibc and the ld stays the same - but please take care.
>
>
> Alex
>
>
>
> --
> gentoo-hardened@gentoo.org mailing list
--
Ned Ludd <solar@gentoo.org>
Gentoo Linux Developer (Hardened)
["find_broken_gcc_pkgs.sh" (find_broken_gcc_pkgs.sh)]
cd /
for fpath in `echo $PATH | tr : '\n' | sort | uniq` ; do
if [ -d $fpath -a "$fpath" != "." ] ; then
echo "Searching: $fpath"
find $fpath -type f -exec file '{}' \; | grep "ELF" |grep "shared object" | \
cut -d : -f 1 | while read fname; do broke=`readelf -a $fname | grep "Requesting \
program interpreter:" | cut -d : -f 2 | tr '], ' '\n' | grep -v ^$` [ "$broke" != \
"/lib/ld-linux.so.2" -a "${broke}" != "" ] && echo "Please reinstall ${fname} : \
${broke}" done
fi
done
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic