If you lie to the compiler, it will get its revenge.
I am doing a startup!
Cross-browser testing from your browser!
I have written my fourth book!
Be faster than Larry Wall at command line!
You're viewing a comment by Peter Cordes and its responses.
This is a unsafe-ldd problem is different from the old one. I remember learning that a.out ldd just ran the executable with argc=1 (i.e. argv==NULL), and that would cause the dynamic a.out dynamic linker to dump library deps. Obviously that's easy to exploit, since you just need a static binary with startup code that doesn't exit with no args.
I was under the impression that ELF ldd was safe, because ld.so printed the dependencies without execing the binary directly. I don't know if it ever was safe, but it's obviously not now, I guess due to the "feature" of supporting binaries that use a non-standard dynamic linker. /sigh. Maybe that feature should only be enabled with ldd --insecure, or something.
LD_TRACE_LOADED_OBJECTS=1 /lib/ld-2.9.so /bin/ls works, and if that's exploitable it's a bug in ld.so, right?
Unfortunately there is no "ld.so": it's really /lib/ld-linux-x86-64.so.2 or ld-linux.so.2 or ld-2.9.so. I guess that's why ldd takes the insecure easy route of running the executable if it has exec permission.
While assuming a secure ldd is a bad habit, since other Unixes don't have a secure ldd, it never hurts to make a system that doesn't suffer from the same problems as other systems. Is openBSD's ldd safe on arbitrary binaries?
(why do I need your e-mail?)
It would be nice if you left your e-mail address. Sometimes I want to send a private message, or just thank for the great comment. Having your e-mail really helps.
I will never ever spam you.
(Your twitter handle, if you have one.)
* use <pre>...</pre> to insert a plain code snippet.
* use <pre lang="lang">...</pre> to insert a syntax highlighted code snippet.
For example, <pre lang="python">...</pre> will insert Python highlighted code.
* use <code>...</code> to highlight a variable or a single shell command.
* use <a href="url" nospam>title</a> to insert links.
<a href="url" nospam>title</a>
* use other HTML tags, such as, <b>, <i>, <blockquote>, <sup>, <sub> for text formatting.
Type the word "unix_156": (just to make sure you're a human)
Please preview the comment before submitting to make sure it's OK.
Peter Krumins' blog about programming, hacking, software reuse, software ideas, computer security, browserling, google and technology.
Reach me at:
Or meet me on:
Subscribe through an RSS feed:
(what is rss?)
Subscribe through email:
Enter your email address:
Delivered by FeedBurner
I love to read science books. They make my day and I get ideas for awesome blog posts, such as Busy Beaver, On Functors, Recursive Regular Expressions and many others.
Take a look at my Amazon wish list, if you're curious about what I have planned reading next, and want to surprise me. :)
See all top articles
See all downloads
See more detailed list of recent articles
See more detailed category information
See more detailed list of all articles