On Mon, Jul 29, 2013 at 10:33:53AM +0800, Julian Elischer wrote:
> On 7/29/13 4:49 AM, Mateusz Guzik wrote:
> >On Sun, Jul 28, 2013 at 11:31:10PM +0400, Gennady Proskurin wrote:
> >>Hello.
> >>When linux binary is passed to FreeBSD's ldd as argument, this binary is executed.
> >>I'm sure this is bug :)
> >>(with security involved)
> >>
> >I have a patch for this, but never got around to commit it.
> >
> >http://people.freebsd.org/~mjg/patches/ldd-non-freebsd-ignore.diff
> >
> >If someone wants, go ahead and steal it.
> >
> For those of us that are not ldd experts, why does this happen,
> what's the history and
> what happens on Linux?
> I vaguely remember that linux may somehow execute something in this
> case but my memory is very vague on the topic.

right, sorry.

Short version is that both FreeBSD and Linux ldd set
LD_TRACE_LOADED_OBJECTS environment variable and run the binary
expecting runtime linker to act accordingly.

However, FreeBSD sets LD_32_TRACE_LOADED_OBJECTS for 32-bit binaries,
thus Linux linker just proceeds with execution.

Looks like we have several PRs related to this, notably
http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/127276 .

and looks like markj (cc-ed) took another PR, someone should clean this up.

127276 suggests running the binary as is (which I don't like) and
achieves this with a hacky way. So if we really want to do this, the patch
should be reworked to detect Linux binaries properly.

In general we should gain linux_ldd (like linux_kdump) and our ldd
should work only on FreeBSD binaries. The last part is achieved with my
patch.

markj, are you working on this?

-- 
Mateusz Guzik <mjguzik gmail.com>

Received on Mon Jul 29 2013 - 06:13:02 UTC
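
The gate described in the message above (ldd should only run FreeBSD binaries), sketched as an added example; it is not part of the original message and is not the linked patch, whose contents are not shown here. It assumes the EI_OSABI brand byte in the ELF header is the deciding criterion and a 64-bit host where 32-bit binaries use the LD_32_ prefix; `trace_var_for` and `make_ident` are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ELF identification layout (values from the ELF specification). */
enum { EI_CLASS_IDX = 4, EI_OSABI_IDX = 7, IDENT_LEN = 16 };
enum { CLASS_32 = 1, CLASS_64 = 2, OSABI_FREEBSD = 9 };

/*
 * Hypothetical helper: return the trace variable ldd may set before
 * running the file, or NULL when the file must not be executed at all.
 * Assumes a 64-bit host where 32-bit binaries use the LD_32_ prefix.
 */
const char *trace_var_for(const unsigned char *ident, size_t len)
{
    if (len < IDENT_LEN || memcmp(ident, "\177ELF", 4) != 0)
        return NULL;                    /* short read or not ELF */
    if (ident[EI_OSABI_IDX] != OSABI_FREEBSD)
        return NULL;                    /* foreign ABI, e.g. Linux */
    switch (ident[EI_CLASS_IDX]) {
    case CLASS_64: return "LD_TRACE_LOADED_OBJECTS";
    case CLASS_32: return "LD_32_TRACE_LOADED_OBJECTS";
    default:       return NULL;         /* invalid class byte */
    }
}

/* Constructed sample: build a 16-byte e_ident with given class/OSABI. */
void make_ident(unsigned char *out, unsigned char cls, unsigned char osabi)
{
    memset(out, 0, IDENT_LEN);
    memcpy(out, "\177ELF", 4);
    out[EI_CLASS_IDX] = cls;
    out[5] = 1;                         /* little-endian */
    out[6] = 1;                         /* EV_CURRENT */
    out[EI_OSABI_IDX] = osabi;
}

int main(int argc, char **argv)
{
    unsigned char ident[IDENT_LEN];
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    size_t n = f ? fread(ident, 1, sizeof ident, f) : 0;
    const char *var = trace_var_for(ident, n);
    if (f) fclose(f);
    printf("%s\n", var ? var : "refusing to execute: not a FreeBSD ELF binary");
    return var ? 0 : 1;
}
```

The check runs on the header bytes alone, so a file that fails it is never handed to exec and no foreign runtime linker gets the chance to ignore the trace variable.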
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:39 UTC