bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: relocatable by default?


From: Nix
Subject: Re: relocatable by default?
Date: Fri, 05 Oct 2007 08:50:11 +0100
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

On 3 Oct 2007, Bruno Haible verbalised:

> Sylvain Beucler wrote:
>> What security issues, by the way? I (re)read the docs but I don't see
>> what it is.
>
> No no, I won't tell anyone how the exploit works :-) But there is an exploit.

There's an even more obvious and trivial DoS attack. (The problem here
is of course DT_RPATH itself rather than gnulib's relocatable support.
It's ameliorated somewhat if you use a linker and dynamic linker with
DT_RUNPATH support, like, well, all the platforms for which gnulib
uses linker-assisted relocatable support, but it still doesn't go
away.)

-- 
`Some people don't think performance issues are "real bugs", and I think 
such people shouldn't be allowed to program.' --- Linus Torvalds




reply via email to

[Prev in Thread] Current Thread [Next in Thread]