svn commit: r318313 - head/libexec/rtld-elf
Konstantin Belousov
kostikbel at gmail.com
Mon May 15 19:29:50 UTC 2017
On Mon, May 15, 2017 at 12:25:20PM -0700, Bryan Drewery wrote:
> On 5/15/2017 12:00 PM, Konstantin Belousov wrote:
> > On Mon, May 15, 2017 at 06:52:36PM +0000, Alexey Dokuchaev wrote:
> >> On Mon, May 15, 2017 at 06:48:58PM +0000, Konstantin Belousov wrote:
> >>> New Revision: 318313
> >>> URL: https://svnweb.freebsd.org/changeset/base/318313
> >>>
> >>> Log:
> >>> Make ld-elf.so.1 directly executable.
> >>
> >> Does it mean that old Linux' trick of /lib/ld-linux.so.2 /bin/chmod +x
> >> /bin/chmod would now be possible on FreeBSD as well?
> > Yes.
> >
> >> Does this have any security implications?
> > What do you mean ?
> >
>
> I think for 3rd-party distributions it may be a problem. At the very
> least it needs to be communicated clearly in release notes or UPDATING.
>
> Consider a downstream vendor who has support for signed binary
> executions. If rtld allows a backdoor around exec(2) to run an unsigned
> binary, that could be a problem for them. It is on them to add support
> to exec(2) to validate the special case of execing rtld with an
> argument, or to just disable the feature in rtld from this commit.
Note the undocumented O_VERIFY flag in open(2) from the patch.
This is very vendor-ish addition to request veriexec (?).
More information about the svn-src-all
mailing list