ld.so and LD_PRELOAD
http://marc.theaimsgroup.com/?l=selinux&m=105492305125090&w=2
The above URL contains a link to a discussion about LD_PRELOAD in SE Linux.
It seems that if you can get root access to a SE Linux machine then LD_PRELOAD
can be used (it's allowed if your real and effective UIDs match) to exploit
system programs.
The solution to this is to have ld-linux.so do a check for whether the secsid
and osecsid of the process are equal in addition to the check for effective
and real UIDs.
Now I don't want to maintain a SE Linux version of libc6 for a special
/lib/ld-linux.so.2 if I can avoid it. Also I think it would be ideal if the
functionality in this regard could support multiple security systems. Would
it be practical for /lib/ld-linux.so.2 to load a shared object to determine
whether LD_PRELOAD is allowed?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: