Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()

To: debian-devel@lists.debian.org
Subject: Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
From: ucko@debian.org (Aaron M. Ucko)
Date: Sat, 08 Dec 2007 17:01:27 -0500
Message-id: <[🔎] udl1w9wg820.fsf@vinegar-pot.mit.edu>
Mail-followup-to: debian-devel@lists.debian.org
References: <[🔎] 20071207181811.GA2720@piware.de>

Although this is an interesting idea, I have misgivings about running
even temporarily with any sort of extra privileges; C++ executables in
particular may run a fair bit of code from static objects'
constructors before main() ever starts.

I would counter-propose introducing some sort of ELF tag that ld could
set and the kernel and ld.so could check; while this would be more
involved, it would be less hackish and would avoid introducing new
potential vulnerabilities.

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?amu@monk.mit.edu

Reply to:

Follow-Ups:
- Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
  - From: Steve Langasek <vorlon@debian.org>
- Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
  - From: Martin Pitt <mpitt@debian.org>

References:
- Using sgid binaries to defend against LD_PRELOAD/ptrace()
  - From: Martin Pitt <mpitt@debian.org>

Prev by Date: snapshot.debian.net missing october
Next by Date: Re: Proposal for reform of the Debian membership process
Previous by thread: Using sgid binaries to defend against LD_PRELOAD/ptrace()
Next by thread: Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
Index(es):
- Date
- Thread