The pessimist complains about the wind; the optimist expects it to change; the realist adjusts the sails.
William Arthur Ward
I am doing a startup!
Cross-browser testing from your browser!
I have written my fourth book!
Be faster than Larry Wall at command line!
You're viewing a comment by Justin and its responses.
Hi. I know a lot of people are surprised by this little exploit but this is a well documented case in ldd. I remember this coming up as a bullet point at a local LUG meeting back in 1997 when we were installing Slackware on a box.
Needless to say, this really is an educate yourself deal as opposed to a "fix this, fix this!" exploit. You can head over to TLDP and see a clear warning about this.
I applaud the author for reminding everyone about this important issue, but (in my opinion) it really isn't a problem with ld-linux.so per se. When an executable says they are needing a different loader, the natural behavior should be to load the external loader. That alone should ring sysadmin bells, an external loader is being used...Do I trust it? All in all it comes down to a sysadmin watching their back and understanding how things work.
"All in all it comes down to a sysadmin ... understanding how things work."
Never forget the vast number of clueless people employed as system administrators.
(why do I need your e-mail?)
It would be nice if you left your e-mail address. Sometimes I want to send a private message, or just thank for the great comment. Having your e-mail really helps.
I will never ever spam you.
(Your twitter name, if you have one. (I'm @pkrumins, btw.))
* use <pre>...</pre> to insert a plain code snippet.
* use <pre lang="lang">...</pre> to insert a syntax highlighted code snippet.
For example, <pre lang="python">...</pre> will insert Python highlighted code.
* use <code>...</code> to highlight a variable or a single shell command.
* use <a href="url" nospam>title</a> to insert links.
<a href="url" nospam>title</a>
* use other HTML tags, such as, <b>, <i>, <blockquote>, <sup>, <sub> for text formatting.
Type the word "apple_156": (just to make sure you're a human)
Please preview the comment before submitting to make sure it's OK.
Peteris Krumins' blog about programming, hacking, software reuse, software ideas, computer security, browserling, google and technology.
Reach me at:
Or meet me on:
Subscribe through an RSS feed:
(what is rss?)
Subscribe through email:
Enter your email address:
Delivered by FeedBurner
I love to read science books. They make my day and I get ideas for awesome blog posts, such as Busy Beaver, On Functors, Recursive Regular Expressions and many others.
Take a look at my Amazon wish list, if you're curious about what I have planned reading next, and want to surprise me. :)
See all top articles
See all downloads
See more detailed list of recent articles
See more detailed category information
See more detailed list of all articles