svn commit: r228843 - head/contrib/telnet/libtelnet
head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include
delphij at delphij.net
Thu Dec 29 20:15:33 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 12/29/11 11:42, Andrey Chernov wrote:
> On Thu, Dec 29, 2011 at 11:15:44AM -0800, Xin Li wrote:
>> Would you please elaborate how this would be less ugly (e.g. with
>> a patch)?
> Why doing a patch if you apparently don't care? )
Ok now you don't have to do a patch.
I had asked because sometimes a patch would better describe what would
be done, especially for abstract concepts like ugliness of code. As
Alfred recently posted in a different thread, you may have a great
idea in your mind but without the same background knowledge it's
sometimes hard for others to understand it.
> In few words, it less ugly because it 1) will be public API, 2)
> will restrict all possibe future dlopen() usage (f.e. someday tar,
> which used in some ftpds, can use dlopen() to load its formats
>> We discussed a change like this but IIRC it was rejected because
>> the affected surface is too broad and we wanted to limit it to
>> just the implicit dlopen()s to avoid breaking legitimate
> Instead of total disabling we can (by calling rtld function)
> restrict dlopen() in ftpd() to absolute path of know safe
> directories list like "/etc" "/lib" "/usr/lib" etc.
This just came back to the origin!! These "safe" locations are never
necessarily be safe inside a chroot environment and the issue was
exactly loading a library underneath /lib/.
I just realized that someone have removed some details from my
advisory draft by the way. To clarify: the chroot issue is not about
the usual usage of chroot, but the fact that many chroot setups are
not safe (e.g. "recommended" practice is to create a user writable
directory under the chroot root with everything else read-only).
Xin LI <delphij at delphij.net> https://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the freebsd-security