svn commit: r315331 - in head/libexec/rtld-elf: . aarch64 amd64 arm i386 mips powerpc powerpc64 riscv sparc64
Jilles Tjoelker
jilles at stack.nl
Wed Mar 15 22:58:00 UTC 2017
On Wed, Mar 15, 2017 at 09:11:58PM +0000, Konstantin Belousov wrote:
> Author: kib
> Date: Wed Mar 15 21:11:57 2017
> New Revision: 315331
> URL: https://svnweb.freebsd.org/changeset/base/315331
> Log:
> Implement LD_BIND_NOT knob for rtld.
> From the manpage:
> When set to a nonempty string, prevents modifications of the PLT slots
> when doing bindings. As result, each call of the PLT-resolved
> function is resolved. In combination with debug output, this provides
> complete account of all bind actions at runtime.
> Same feature exists on Linux and Solaris.
Since this feature heavily affects timing (possibly making race
conditions easier to exploit) and may prevent making parts of the GOT
read-only, it seems a good idea to treat this environment variable as
dangerous for setuid and setgid processes.
--
Jilles Tjoelker
More information about the svn-src-all
mailing list