[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: On trusting its parent process
|
From: |
Ludovic Courtès |
|
Subject: |
Re: On trusting its parent process |
|
Date: |
Wed, 13 Jul 2005 18:26:43 +0200 |
|
User-agent: |
Gnus/5.1007 (Gnus v5.10.7) Emacs/21.4 (gnu/linux) |
Lee Braiden <address@hidden> writes:
> If it's this library overriding that's the problem, is it not possible to
> just
> say that some library calls are "final", and cannot be overridden? And
> wouldn't such a library call be able to authenticate any services that must
> be final, too?
In GNU/Linux (and GNU/Hurd), LD_PRELOAD is not taken into account for
suid programs that are launched. Typically, `passwd' is protected from
that.
Server overriding in the Hurd is very much like library overriding with
LD_PRELOAD. The point is that you can't (and you don't want to) prevent
people from implementing and using servers/libraries that implement the
Hurd standard interfaces. However, in some cases, there needs to be a
way for any process to know whether the libraries/servers it is using
are the ones the administrator installed and trusts (that is, the
"authentic" ones). Otherwise, he/she may lose control over her/his
machine. ;-)
Thanks,
Ludovic.
Re: On trusting its parent process, Lee Braiden, 2005/07/13
- Re: On trusting its parent process,
Ludovic Courtès <=