Re: libdbus hardening

[Sebastian Krahmer <krahmer () suse de>]

I am fine with either solution and would prefer upstream patches
anyway, but it turned out in past that nobody from upstream
is willing to add such patches.
I tried a year ago with openssl and AFAIK its still suffering
(at least I never heared back).

If you compile your openssh '--with-ssl-engine' you have
an easy root exploit (given that ssh-keysign is mode 04755
such as on Debian) via OPENSSL_config().

If you ask me, thats quite poor for a framework that wants to
add security to the system.
So, I do not have any problems adding our own patch sets rather
than waiting for another year.

Another lib that should receive a patch is libudev.

Sebastian


On Tue, Jul 10, 2012 at 05:43:36PM +0400, Solar Designer wrote:
> On Tue, Jul 10, 2012 at 03:13:55PM +0200, Florian Weimer wrote:
> > Perhaps we can put a getenv_secure() into libc, which will perform all 
> > the appropriate checks (including future checks we do not know about 
> > yet)?  Duplicating the code in many libraries does not seem prudent.
>
> We already have __secure_getenv() in glibc, which I think is what
> libraries like this should be using on systems with glibc.
>
> Apparently, it was even in LSB until 1.3 inclusive, but was since
> dropped from there?
>
> Alexander

-- 

~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer () suse de - SuSE Security Team

---
SUSE LINUX Products GmbH,
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstraße 5
90409 Nürnberg
Germany