Just because the standard provides a cliff in front of you, you are not necessarily required to jump off it.
I am doing a startup!
Cross-browser testing from your browser!
I have written my fourth book!
Be faster than Larry Wall at command line!
You're viewing a comment by Justin and its responses.
Hi. I know a lot of people are surprised by this little exploit but this is a well documented case in ldd. I remember this coming up as a bullet point at a local LUG meeting back in 1997 when we were installing Slackware on a box.
Needless to say, this really is an educate yourself deal as opposed to a "fix this, fix this!" exploit. You can head over to TLDP and see a clear warning about this.
I applaud the author for reminding everyone about this important issue, but (in my opinion) it really isn't a problem with ld-linux.so per se. When an executable says they are needing a different loader, the natural behavior should be to load the external loader. That alone should ring sysadmin bells, an external loader is being used...Do I trust it? All in all it comes down to a sysadmin watching their back and understanding how things work.
"All in all it comes down to a sysadmin ... understanding how things work."
Never forget the vast number of clueless people employed as system administrators.
(why do I need your e-mail?)
It would be nice if you left your e-mail address. Sometimes I want to send a private message, or just thank for the great comment. Having your e-mail really helps.
I will never ever spam you.
(Your twitter name, if you have one. (I'm @pkrumins, btw.))
* use <pre>...</pre> to insert a plain code snippet.
* use <pre lang="lang">...</pre> to insert a syntax highlighted code snippet.
For example, <pre lang="python">...</pre> will insert Python highlighted code.
* use <code>...</code> to highlight a variable or a single shell command.
* use <a href="url">title</a> to insert links.
* use other HTML tags, such as, <b>, <i>, <blockquote>, <sup>, <sub> for text formatting.
Type the word "unix": (just to make sure you're a human)
Please preview the comment before submitting to make sure it's OK.
Peteris Krumins' blog about programming, hacking, software reuse, software ideas, computer security, google and technology.
Reach me at:
Or meet me on:
Subscribe through an RSS feed:
(what is rss?)
Subscribe through email:
Enter your email address:
Delivered by FeedBurner
I am being sponsored by Syntress since 2007! They bought me an amazing dedicated server to run catonmat on. If you're looking web services in Chicago area, I highly recommend the Syntress guys!
I love to read science books. They make my day and I get ideas for awesome blog posts, such as Busy Beaver, On Functors, Recursive Regular Expressions and many others.
Take a look at my Amazon wish list, if you're curious about what I have planned reading next, and want to surprise me. :)
See all top articles
See all downloads
See more detailed list of recent articles
See more detailed category information
See more detailed list of all articles
catonmat's source code.
If you are interested in advertising on catonmat.net, contact me.