[Bug 277169] [rtld] dlopen() is unusable for capsicum

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277169] [rtld] dlopen() is unusable for capsicum"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 19 Feb 2024 18:53:07 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277169

            Bug ID: 277169
           Summary: [rtld] dlopen() is unusable for capsicum
           Product: Base System
           Version: 14.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: vini.ipsmaker@gmail.com

To support capsicum, rtld right now offers the env var LD_LIBRARY_PATH_FDS to
specify a list of file descriptors. That works for shared libraries, but it
doesn't work for plugins. Plugins shouldn't be mixed with shared libraries.

An extra env var could be used to map specific plugin library paths fds to
plugins path names (e.g. fd 4 mapping to /usr/local/lib/gawk). In this case, if
a dlopen() call is done against /usr/local/lib/gawk, the fd 4 would be used.

In my scenario, I need this because dlopen() already executes untrusted code
and for a certain piece of software I want to do this in capsicum mode.

-- 
You are receiving this mail because:
You are the assignee for the bug.