svn commit: r318313 - head/libexec/rtld-elf
Bryan Drewery
bdrewery at FreeBSD.org
Mon May 15 19:25:21 UTC 2017
On 5/15/2017 12:00 PM, Konstantin Belousov wrote:
> On Mon, May 15, 2017 at 06:52:36PM +0000, Alexey Dokuchaev wrote:
>> On Mon, May 15, 2017 at 06:48:58PM +0000, Konstantin Belousov wrote:
>>> New Revision: 318313
>>> URL: https://svnweb.freebsd.org/changeset/base/318313
>>>
>>> Log:
>>> Make ld-elf.so.1 directly executable.
>>
>> Does it mean that old Linux' trick of /lib/ld-linux.so.2 /bin/chmod +x
>> /bin/chmod would now be possible on FreeBSD as well?
> Yes.
>
>> Does this have any security implications?
> What do you mean ?
>
I think for 3rd-party distributions it may be a problem. At the very
least it needs to be communicated clearly in release notes or UPDATING.
Consider a downstream vendor who has support for signed binary
executions. If rtld allows a backdoor around exec(2) to run an unsigned
binary, that could be a problem for them. It is on them to add support
to exec(2) to validate the special case of execing rtld with an
argument, or to just disable the feature in rtld from this commit.
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20170515/931ca9ff/attachment.sig>
More information about the svn-src-head
mailing list