fdlopen(3)
Kostik Belousov
kostikbel at gmail.com
Fri Dec 30 16:48:23 UTC 2011
On Fri, Dec 30, 2011 at 04:00:39PM +0000, Poul-Henning Kamp wrote:
> In message <20111230142640.GO50300 at deviant.kiev.zoral.com.ua>, Kostik Belousov
> writes:
>
> >Presented use case for fdlopen(3) is valid and useful IMO.
>
> I agree, I even have a similar use-case in Varnish.
>
> Has anybody racked their brains to make sure this doesn't have security
> implications ?
I am wondering what kind of security consequences you have in mind ?
My initial concern with the patch was the lack of the name supplied for
the loaded dso. But, the rtld already adds DT_SONAME to the names of the
object, and later it checks for duplicates using vnode identity returned
by fstat(2), so I removed the name argument from API.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20111230/162f0942/attachment.pgp
More information about the freebsd-arch
mailing list