A backdoor in xz
A backdoor in xz
Posted Mar 30, 2024 19:41 UTC (Sat) by Cyberax (✭ supporter ✭, #52523)In reply to: A backdoor in xz by andresfreund
Parent article: A backdoor in xz
I mean, locking down the complete set of executable pages in a process, so that no new code can't get loaded. OpenBSD has mseal() that can do that.
> Dlopen() doesn't change any of that?
Indeed it doesn't (right now), but expanding its usage will make it harder to enable something like mseal() later.
Posted Mar 31, 2024 13:13 UTC (Sun)
by bluca (subscriber, #118303)
[Link]
A backdoor in xz
You can still do that, but then you lose some features. That seems like a perfectly acceptable trade-off to me.