[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Hardening the linker (was Re: [oss-security] CVE request: CouchDB insecure library lo
From: Tim Brown <timb () nth-dimension ! org ! uk>
Date: 2010-08-29 15:10:48
Message-ID: 201008291611.20457.timb () nth-dimension ! org ! uk
[Download RAW message or body]
For those of you that missed it, this was actually reported by Dan off the back
of a blog post by me describing the generic case:
http://www.nth-dimension.org.uk/blog.php?id=87
I'm well aware that the linker is a tool and that it can be misused (as in
this case) but is anyone aware of a good reason why empty directory
specifications in LD_LIBRARY_PATH, PATH et al are treated as $PWD? The only
times I've seen empty specifications it's because of bugs such as the one Dan
has reported.
Is there a case to look at harding the dynamic linker to reject empty
specifications; there's not much that one can do where someone has explicitly
set a stupid LD_LIBRARY_PATH? I appreciate that this might has some unwanted
outcomes (such as breaking compatibility with other POSIX-alike OS) but
sometimes there's a good argument for breaking compatibility if it increases
security (some of the various grsec kernel and GCC compiler hardening changes
would be good examples here).
Tim
--
Tim Brown
<mailto:timb@nth-dimension.org.uk>
<http://www.nth-dimension.org.uk/>
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic