[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ld.so and LD_PRELOAD

On Fri, Jun 06, 2003 at 02:02:07PM -0400, Ben Collins wrote:
> I don't know too much about SE Linux, but what keeps someone who has
> root from dropping their own ld-linux.so.2 in there?
> I assume that SE Linux has some higherlevel traps than just root and
> not-root. What keeps them from doing:
> ./myld.so /bin/program-to-exploit
> though? Is /lib/ld-linux.so.2 given some filesystem based attributes
> that gives it higher capabilities than some copied ld.so?

IIRC this is not a problem.

/lib/ld-linux.so.2 won't have the same file label as
/bin/program-to-exploit (which causes the domain to change).

So execing /lib/ld-linux.so.2 won't cause the domain to change.

I am not sure how /lib/ld-linux.so.2 runs the program, but it doesn't
fork or exec, so the domain will remain the same.
Brian May <bam@debian.org>

Reply to: