[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: first draft of "relocatable" module

From: Bruno Haible
Subject: Re: first draft of "relocatable" module
Date: Sun, 4 Mar 2007 21:15:45 +0100
User-agent: KMail/1.5.4

Hello Ralf,

> > > >   for example, --prefix=/tmp/inst$$.
> > > 
> > > This bit doesn't.  Since /tmp is usually world-writable, you've got your
> > > attack vector already.
> ... So after you've installed
> your stuff, at some point /tmp/inst$$ is removed again (possibly even by
> you).  At that time, I can write to /tmp/inst$$.  I can usually even
> look at your binaries (in the final location) first to find out about
> the value of $$ that was used by you at 'make install' time.
> That's a trivial attack on the systems where run path overrides the
> shared library path variable.

Thanks for explaining. It's not trivial - you have to know a bit about
LD_LIBRARY_PATH, -rpath, LD_RUN_PATH and the like, in order to understand it.

If we recommend to use

    ./configure --enable-relocatable --prefix=/etc
    make install DESTDIR=/tmp/inst$$

then there should not be a security problem any more, right?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]