* Nathaniel Smith said: > On Sat, Aug 21, 1999 at 10:54:35PM -0400, Justin Wells wrote: > > > > Sorry, "exec /bin/bash" will cause you to get logged out if libc is > > broken. The exec will succeed, bash will try and load its dynamic > > libraries, it will fail, and it will exit. Try it. > > I did, actually (as I mentioned), using hard links to sash and bash in > a test directory. > > WyrmWeyr:~/static-test$ ./sash > Stand-alone shell (version 2.1) > > exec bash > WyrmWeyr:~/static-test$ exit ^^^^you're back in your parent process (in this case bash) > exit > WyrmWeyr:~/static-test$ sudo chroot . ./sash > Stand-alone shell (version 2.1) > > exec bash > bash: No such file or directory ^^^^exec(3) failed - it's not a case of broken dynamics but a simple case of an executable just not being there. See manual for exec. If the executable is found and dynamics are broken, it will fail. > -rwxr-xr-x 2 0 0 447760 Aug 15 19:37 bash > -rwxr-xr-x 2 0 0 279452 Oct 11 19:00 sash > > exit > > It seems to work fine for me. Am I missing something? Yes. The execution of a dynamically linked process looks like this: 1. a parent process calls exec*(); 2. kernel finds the file, opens it, reads the header and finds what dynamic loader (linker) is to be executed. If the loader is found and loaded successfuly then the exec*() call SUCCEEDS. 3. Loads the loader which in turn finds whether all the dynamic bindings for the binary are valid - if they're not the loader issues an error and exits. But from the point of view of both the parent process (which already doesn't exist) and the kernel the exec*() call succeeded. marek
Attachment:
pgpYKt1uStJdU.pgp
Description: PGP signature