svn commit: r318313 - head/libexec/rtld-elf
Bryan Drewery
bdrewery at FreeBSD.org
Mon May 15 19:32:09 UTC 2017
On 5/15/2017 12:29 PM, Konstantin Belousov wrote:
> On Mon, May 15, 2017 at 12:25:20PM -0700, Bryan Drewery wrote:
>> On 5/15/2017 12:00 PM, Konstantin Belousov wrote:
>>> On Mon, May 15, 2017 at 06:52:36PM +0000, Alexey Dokuchaev wrote:
>>>> On Mon, May 15, 2017 at 06:48:58PM +0000, Konstantin Belousov wrote:
>>>>> New Revision: 318313
>>>>> URL: https://svnweb.freebsd.org/changeset/base/318313
>>>>>
>>>>> Log:
>>>>> Make ld-elf.so.1 directly executable.
>>>>
>>>> Does it mean that old Linux' trick of /lib/ld-linux.so.2 /bin/chmod +x
>>>> /bin/chmod would now be possible on FreeBSD as well?
>>> Yes.
>>>
>>>> Does this have any security implications?
>>> What do you mean ?
>>>
>>
>> I think for 3rd-party distributions it may be a problem. At the very
>> least it needs to be communicated clearly in release notes or UPDATING.
>>
>> Consider a downstream vendor who has support for signed binary
>> executions. If rtld allows a backdoor around exec(2) to run an unsigned
>> binary, that could be a problem for them. It is on them to add support
>> to exec(2) to validate the special case of execing rtld with an
>> argument, or to just disable the feature in rtld from this commit.
>
> Note the undocumented O_VERIFY flag in open(2) from the patch.
> This is very vendor-ish addition to request veriexec (?).
>
Ah nice.
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20170515/e7a33dc9/attachment.sig>
More information about the svn-src-all
mailing list