Mark Seaborn wrote:

> LD_PRELOAD isn't good enough. Plash needs to replace *all* uses of
> system calls that use filenames, including glibc's internal uses of
> those system calls. Back in the day of glibc 2.2.5, you *could* do
> this by overriding "__open" and "__libc_open" as well as "open". But
> with glibc 2.3.3, a lot of these calls are now resolved internally,
> without going through the dynamic linker (glibc uses "__GI_open"
> etc.). Furthermore, glibc inlines system calls, including "open", in
> some places.

Yeah, I know from mooix (which uses a similar but less generalised security model as plash), that wrapping open() is horrendous. I suppose that syscall interception was considered and not used for some reason?

I'd be interested in sponsoring plash, but this libc issue needs to be resolved in some way first.

-- 
see shy jo