Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()

To: debian-devel@lists.debian.org
Subject: Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
From: Martin Pitt <mpitt@debian.org>
Date: Mon, 10 Dec 2007 15:04:45 +0100
Message-id: <[🔎] 20071210140445.GA28818@piware.de>
Mail-followup-to: debian-devel@lists.debian.org, mpitt@debian.org
In-reply-to: <[🔎] udl1w9wg820.fsf@vinegar-pot.mit.edu>

Hi,

Aaron M. Ucko:
> I would counter-propose introducing some sort of ELF tag that ld could
> set and the kernel and ld.so could check; while this would be more
> involved, it would be less hackish and would avoid introducing new
> potential vulnerabilities.

That would be ideal, of course. Does ELF support anything like that?

Thanks,

Martin

P.S. Please honour m-f-t, thanks.

-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

Reply to:

Follow-Ups:
- Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
  - From: ucko@debian.org (Aaron M. Ucko)

References:
- Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
  - From: ucko@debian.org (Aaron M. Ucko)

Prev by Date: Re: -Wl,--as-needed considered possibly harmful
Next by Date: Re: libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?
Previous by thread: Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
Next by thread: Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()
Index(es):
- Date
- Thread