[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secureplt breaks ld on Alpha Linux

From: Richard Henderson
Subject: Re: secureplt breaks ld on Alpha Linux
Date: Tue, 02 Sep 2014 06:57:05 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.7.0

On 09/01/2014 04:53 PM, Mikulas Patocka wrote:
> On Mon, 1 Sep 2014, Richard Henderson wrote:
>> On 09/01/2014 08:09 AM, Mikulas Patocka wrote:
>>> So, what exactly should be done? Can we hack ld so that if filename is 
>>> "libots.so", lazy binding for symbols in this library is turned off 
>>> automatically?
>> Not hack ld.so.
>> Modify the libots.so binary such that _OtsZero is STT_NOTYPE.  The linker 
>> will
>> not create a plt entry unless the symbol is STT_FUNC.
>> I see that most of the _Ots symbols are already NOTYPE.  I wonder if this is
>> intentional and _OtsZero just got forgotten, or if it's a happy oversight in
>> that they forgot to annotate them entirely.
>> r~
> It is legally questionable if we can redistribute the modified library.
> Even if I could distribute it, where would I upload it so that other 
> people will find it? Obviously I can't upload it to ftp.compaq.com where 
> the compiler is located.
> So, I think a better solution would be to change ld so that it would 
> recognize "libots.so" filename and act as if symbols in this file were 
> defined with STT_NOTYPE attribute.
> Or, turn off that "secure plt" feature at all if "libots.so" is used - 
> Alpha is so rare that I doubt anybody will put any effort into writing 
> exploits for Alpha.

Well, you're the only person left using the compaq c compiler, so it's not like
you have to distribute the modified binary at all.  So, for that matter,
rebuilding your ld --without-secureplt certainly works too.

But you'll not get a hack into glibc or ld to recognize libots.so and do
anything silly with that.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]