oss-sec mailing list archives
Re: Fixing the glibc runtime linker
From: Stuart Gathman <stuart () gathman org>
Date: Thu, 19 Feb 2015 18:33:26 -0500
On 02/19/2015 05:19 PM, Tim Brown wrote:
> What's the fix? More often than not, the underlying issue is an empty element within the DT_RPATH header or equivalent. Sometimes it's not, but even in those cases, it is largely that one or more elements isn't qualified (i.e. it doesn't start with /). The attached patch fixes this, by ignoring any elements of DT_RPATH, LD_LIBRARY_PATH that do not start with a /, and/or junking any use of dlopen where the filename is likewise unqualified.
>
> Won't this break stuff? Maybe (certainly it means a change to glibc behaviour), but more often than not, the fact that a given binary currently works in an unsafe way is a bug - and an exploitable one at that. Moreover, Solaris has had a similar sanity check (in their case only for privileged setuid binaries) for a good number of years without serious incident. I believe we should be fixing software that exhibits the behaviour I've described, but this patch will (I think) kill the bug class irrespective of that.

There needs to be a way to log the paths being ignored - so at least some people will have a clue as to why their program doesn't work. I'm not sure what that way is.
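The rule discussed in this message (drop empty or unqualified search path elements, and log each one dropped), as an added example that is not part of the original post and is not glibc or patch code. The function name `filter_search_path`, its parameters, the log format and the sample value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not glibc code): walk a colon-separated search path
 * such as an LD_LIBRARY_PATH value or a DT_RPATH string, copy only the
 * elements that start with '/' into out, and log every element dropped.
 * Tokens such as $ORIGIN are not expanded, so they count as unqualified.
 * Returns the number of dropped elements, or -1 if out is too small. */
int filter_search_path(const char *origin, const char *path,
                       char *out, size_t outlen, FILE *log)
{
    int dropped = 0;
    size_t used = 0;
    const char *p = path;

    if (outlen == 0)
        return -1;
    out[0] = '\0';

    for (;;) {
        size_t len = strcspn(p, ":");   /* length of the current element */
        if (len > 0 && p[0] == '/') {
            size_t need = len + (used ? 1 : 0);
            if (used + need + 1 > outlen)
                return -1;
            if (used)
                out[used++] = ':';
            memcpy(out + used, p, len);
            used += len;
            out[used] = '\0';
        } else {
            dropped++;                  /* empty or relative: never searched */
            if (log)
                fprintf(log, "%s: ignoring %s element \"%.*s\"\n", origin,
                        len ? "unqualified" : "empty", (int)len, p);
        }
        if (p[len] == '\0')
            break;
        p += len + 1;                   /* step past the ':' separator */
    }
    return dropped;
}

int main(void)
{
    char clean[256];
    /* Constructed sample: empty, relative and token elements mixed in. */
    const char *sample = "/opt/app/lib::lib:/usr/lib:$ORIGIN/../lib:";
    int n = filter_search_path("LD_LIBRARY_PATH", sample, clean, sizeof clean, stderr);
    printf("kept \"%s\", dropped %d\n", clean, n);
    return 0;
}
```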