The rest of the 6.10 merge window [LWN.net]

The rest of the 6.10 merge window

Posted May 28, 2024 14:30 UTC (Tue) by mezcalero (subscriber, #45103)
In reply to: The rest of the 6.10 merge window by Cyberax
Parent article: The rest of the 6.10 merge window

That's just rubbish, you apparently have no idea what you are talking about. When you have dlopen() dependencies you resolve your symbols manually via dlsym(), not implicitly via ELF's GOT/PLT. Hence, mseal()ing the GOT/PLT won't affect things for dlopen() based "weak" deps at all. (It won't be able to lock down the security of the pointers you store dlsym() return values in either though, but that's not quite the same as cause "libsystems working properly".)

Anyway, would appreciate if you'd stop your uneducated FUD, not helpful.

Lennart

to post comments

The rest of the 6.10 merge window

Posted May 28, 2024 16:50 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]

> It won't be able to lock down the security of the pointers you store dlsym() return values in either though, but that's not quite the same as cause "libsystems working properly"

As I understand, mseal() should prevent dlopen() from working? Is it not?

> Anyway, would appreciate if you'd stop your uneducated FUD, not helpful.

Introducing brittle workarounds for clearly specious reasons is not helpful either. You screwed up by turning libsystemd from a small 50kb library with utility functions into a large library with decompressors and DBUS implementation.