Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Posted Feb 21, 2014 12:36 UTC (Fri) by alexl (subscriber, #19068)In reply to: Peres: Wayland Compositors - Why and How to Handle Privileged Clients! by uoppy
Parent article: Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Posted Feb 27, 2014 20:33 UTC (Thu)
by deepfire (guest, #26138)
[Link] (4 responses)
I can only find a semi-incoherent counter-point by Alan Cox[1] -- and it fails to convince.
--
Posted Feb 28, 2014 3:58 UTC (Fri)
by mathstuf (subscriber, #69389)
[Link] (3 responses)
[1]Or something like that...I can never remember the PIC terms in the right order.
Posted Feb 28, 2014 6:24 UTC (Fri)
by deepfire (guest, #26138)
[Link] (2 responses)
Were it an ELF flag, you could toggle it in-place, but in-place symbol attribute modification is far less practical.
LD_PRELOAD is a fairly common attack vector, and nothing is being done about it.
Posted Feb 28, 2014 6:48 UTC (Fri)
by mathstuf (subscriber, #69389)
[Link] (1 responses)
I've been considering using protected in my projects since they're C++ and that anything done is likely to break in amazing ways (How do you fix up vtables? Does LD_PRELOAD work for them?).
Posted Feb 28, 2014 8:03 UTC (Fri)
by deepfire (guest, #26138)
[Link]
And yes, whenever such security/flexibiility tradeoffs are introduced in future, they ought to be:
1. optional, with root-restrictable means of control
This is basic security, isn't it?
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
1. http://lkml.iu.edu//hypermail/linux/kernel/0712.1/2040.html
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
Peres: Wayland Compositors - Why and How to Handle Privileged Clients!
2. off by default