oss-sec mailing list archives

Re: ldd can execute an app unexpectedly


From: Steve Grubb <sgrubb () redhat com>
Date: Tue, 8 Mar 2011 08:43:53 -0500

On Tuesday, March 08, 2011 04:14:39 am Tomas Hoger wrote:
> > Besides telling everyone don't do that. ldd could take the PoV that
> > it should only call runtime linkers in trusted directories like /sbin
> > or /usr/sbin.

> Upstream does not seem to consider this to be an issue:
>   https://bugzilla.redhat.com/show_bug.cgi?id=531160#c1

The DISA STIG now recommends that ldd be disabled, which pretty much means deleted, on any Linux OS that is not patched to protect against it:

  <Rule id="SV-28909r1_rule" severity="medium">
    <version>GEN007960</version>
    <title>The 'ldd' command must be disabled unless it protects against the execution of untrusted files.</title>

http://iase.disa.mil/stigs/downloads/zip/unclassified_os-srg-unix_v1r1_finalsrg.zip

-Steve
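The protection Steve asks for above, a front end that will only ever hand a binary to a runtime linker living in a trusted directory, as an added example. This is not code from the original thread, from glibc's ldd, or from the STIG. It reads the PT_INTERP path out of the ELF image itself, so nothing is executed while the decision is made; the trusted-directory list and the ELF fixtures (make_elf) are constructed for this illustration, and the --list mode assumed in the resulting argv is glibc ld.so's.

```python
"""Added example: hardened front end for ldd-style dependency tracing.
Reads PT_INTERP from the ELF image (no execution), refuses interpreters
outside a trusted loader directory, then builds the trace command.
Fixtures are constructed for this example and are not loadable programs."""
import posixpath
import struct
from typing import List, Optional

PT_INTERP = 3

# Assumption: where this system keeps its runtime linkers.  Adjust per
# distribution; any PT_INTERP outside these directories is refused.
TRUSTED_INTERP_DIRS = ("/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/")


def elf_interp(data: bytes) -> Optional[str]:
    """PT_INTERP path of a 32/64-bit ELF of either byte order, or None
    when the image carries no interpreter (e.g. a static binary)."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    if ei_data not in (1, 2):
        raise ValueError("bad EI_DATA")
    end = "<" if ei_data == 1 else ">"
    try:
        if ei_class == 2:                          # ELFCLASS64
            (e_phoff,) = struct.unpack_from(end + "Q", data, 0x20)
            e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
            ph_fmt = end + "IIQQQQQQ"  # type flags offset vaddr paddr filesz memsz align
            i_off, i_filesz = 2, 5
        elif ei_class == 1:                        # ELFCLASS32
            (e_phoff,) = struct.unpack_from(end + "I", data, 0x1C)
            e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
            ph_fmt = end + "IIIIIIII"  # type offset vaddr paddr filesz memsz flags align
            i_off, i_filesz = 1, 4
        else:
            raise ValueError("bad EI_CLASS")
        if e_phentsize < struct.calcsize(ph_fmt):
            raise ValueError("program header entries too small")
        for i in range(e_phnum):
            ph = struct.unpack_from(ph_fmt, data, e_phoff + i * e_phentsize)
            if ph[0] != PT_INTERP:
                continue
            raw = data[ph[i_off]:ph[i_off] + ph[i_filesz]]
            # PT_INTERP is a NUL-terminated path: reject a segment that runs
            # past the end of the file or lacks its terminator.
            if len(raw) != ph[i_filesz] or b"\0" not in raw:
                raise ValueError("malformed PT_INTERP segment")
            return raw.split(b"\0", 1)[0].decode("utf-8", errors="replace")
    except struct.error:
        raise ValueError("truncated ELF header or program header table") from None
    return None


def interp_is_trusted(interp: str) -> bool:
    """Absolute path that still lies under a trusted loader directory once
    '.', '..' and repeated slashes are collapsed ('/lib64/../tmp/x' fails).
    Symlinks are not resolved here; a deployed check should realpath() too."""
    if not interp.startswith("/"):
        return False
    norm = posixpath.normpath(interp)
    return any(norm.startswith(d) and len(norm) > len(d)
               for d in TRUSTED_INTERP_DIRS)


def safe_trace_argv(path: str, data: bytes) -> Optional[List[str]]:
    """argv a hardened ldd may exec for `path`, or None when it must refuse.
    --list is glibc ld.so's mode that prints resolved dependencies
    without transferring control to the program."""
    interp = elf_interp(data)
    if interp is None or not interp_is_trusted(interp):
        return None
    return [interp, "--list", path]


def make_elf(interp: str, elf64: bool = True) -> bytes:
    """Constructed fixture: little-endian ELF whose only program header is
    a PT_INTERP naming `interp`.  Enough for elf_interp(); not runnable."""
    interp_bytes = interp.encode() + b"\0"
    n = len(interp_bytes)
    if elf64:
        ehdr_size, phdr_size, machine = 64, 56, 62          # EM_X86_64
        ehdr_fmt, phdr_fmt = "<HHIQQQIHHHHHH", "<IIQQQQQQ"
    else:
        ehdr_size, phdr_size, machine = 52, 32, 3           # EM_386
        ehdr_fmt, phdr_fmt = "<HHIIIIIHHHHHH", "<IIIIIIII"
    e_ident = b"\x7fELF" + bytes([2 if elf64 else 1, 1, 1, 0]) + b"\0" * 8
    ehdr = e_ident + struct.pack(ehdr_fmt, 2, machine, 1, 0, ehdr_size, 0, 0,
                                 ehdr_size, phdr_size, 1, 0, 0, 0)
    off = ehdr_size + phdr_size                             # interp follows the phdr
    if elf64:
        phdr = struct.pack(phdr_fmt, PT_INTERP, 4, off, 0, 0, n, n, 1)
    else:
        phdr = struct.pack(phdr_fmt, PT_INTERP, off, 0, 0, n, n, 4, 1)
    return ehdr + phdr + interp_bytes


if __name__ == "__main__":
    for name, image in (("good", make_elf("/lib64/ld-linux-x86-64.so.2")),
                        ("evil", make_elf("/tmp/evil/ld.so")),
                        ("sneaky", make_elf("/lib64/../tmp/evil/ld.so"))):
        print(name, elf_interp(image), "->", safe_trace_argv("./app", image))
```

The same idea applied by hand: on a file you do not trust, skip ldd and invoke the system's own loader directly, e.g. /lib64/ld-linux-x86-64.so.2 --list ./file, so the interpreter named inside the file never gets to run. The path check above is deliberately filesystem-free so it runs offline; a real tool should also resolve symlinks and confirm the loader's ownership before exec'ing it.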

