Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 29 Aug 2010 16:10:48 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: oss-security@...ts.openwall.com
Subject: Hardening the linker (was Re: CVE request: CouchDB insecure library loading (Debian/Ubuntu only))

For those of you that missed it, this was actually reported by Dan off the back 
of a blog post by me describing the generic case:

http://www.nth-dimension.org.uk/blog.php?id=87

I'm well aware that the linker is a tool and that it can be misused (as in 
this case) but is anyone aware of a good reason why empty directory 
specifications in LD_LIBRARY_PATH, PATH et al are treated as $PWD?  The only 
times I've seen empty specifications it's because of bugs such as the one Dan 
has reported.

Is there a case to look at harding the dynamic linker to reject empty 
specifications; there's not much that one can do where someone has explicitly 
set a stupid LD_LIBRARY_PATH?  I appreciate that this might has some unwanted 
outcomes (such as breaking compatibility with other POSIX-alike OS) but 
sometimes there's a good argument for breaking compatibility if it increases 
security (some of the various grsec kernel and GCC compiler hardening changes 
would be good examples here).

Tim
-- 
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ