What's coming in glibc 2.10

Posted Apr 19, 2009 21:50 UTC (Sun) by elanthis (guest, #6227)
In reply to: What's coming in glibc 2.10 by nix
Parent article: What's coming in glibc 2.10

Which makes me wonder if there are any potential security issues with it. Would this, for example, defeat SELinux protections by allowing an application to inject executable code into the context of the linker (assuming it's a separate context from the application itself)?

What's coming in glibc 2.10

Posted Apr 19, 2009 22:15 UTC (Sun) by nix (subscriber, #2304)

It isn't a separate context. It's more like injecting code into the
implicit first call into the dynamic linker that happens the first time
any given symbol is referenced[1]. The security context is unchanged: all
the dynamic linker normally does is relocate that PLT entry. It's just
that now you can have it pick *what* to relocate first. It's no more done
in a different context than is calling a function through a function
pointer: that's all it really is.

(hm, and it looks like it might become STT_IFUNC in time and not be
GNU-specific after all. Even better.)

[1] an oversimplification: actually that implicit call happens the first
time a PLT entry is jumped to, but that's nearly the same thing...
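
The comparison to a call through a function pointer in the reply above can be seen directly in code. The following is an added example, not code from the thread or from glibc: it assumes the GCC/Clang `ifunc` attribute on an ELF/glibc Linux target, and every function and variable name in it is hypothetical. The resolver writes to ordinary process memory and returns one of the program's own functions, so the result matches an explicit function pointer dispatch in the same process.

```c
/* Added example, not from the thread; all names are hypothetical.
 * Assumes GCC or Clang on an ELF/glibc Linux target. */
#include <stdio.h>

typedef int (*checksum_fn)(const unsigned char *, int);
static int resolver_runs; /* plain process memory, written by the resolver */

static int checksum_simple(const unsigned char *p, int n)
{
    int s = 0;
    for (int i = 0; i < n; i++) s += p[i];
    return s;
}

static int checksum_unrolled(const unsigned char *p, int n)
{
    int s = 0, i = 0;
    for (; i + 1 < n; i += 2) s += p[i] + p[i + 1];
    if (i < n) s += p[i];
    return s;
}

/* Selection logic shared by the resolver and by ordinary code. */
static checksum_fn pick(void)
{
    return sizeof(long) >= 8 ? checksum_unrolled : checksum_simple;
}

/* Resolver: the dynamic linker calls it while relocating `checksum`.
 * It may run more than once, so it only picks and counts. */
static checksum_fn resolve_checksum(void)
{
    resolver_runs++;
    return pick();
}

int checksum(const unsigned char *p, int n) __attribute__((ifunc("resolve_checksum")));

/* The same dispatch written as an explicit function pointer call. */
static int checksum_via_pointer(const unsigned char *p, int n) { return pick()(p, n); }

int main(void)
{
    const unsigned char d[] = "constructed sample input";
    int a = checksum(d, sizeof d - 1), b = checksum_via_pointer(d, sizeof d - 1);
    printf("ifunc=%d pointer=%d resolver_runs=%d\n", a, b, resolver_runs);
    return a != b;
}
```

Running `readelf -s` on the resulting binary lists `checksum` with symbol type `IFUNC`, which is how such symbols can be spotted when auditing a binary.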

