Date: Tue, 27 Dec 2016 18:04:25 -0800 (PST) From: Roger Marquis <marquis@roble.com> To: freebsd-security@freebsd.org Subject: /tmp/ecp.* created during kernel build? Message-ID: <1612271756590.79526@mx5.roble.com>
index | next in thread | raw e-mail
Found a couple of ecp binaries in /tmp, apparently created concurrent with an 11.0 x86_64 kernel build. Anyone else seen this? Could they be related to a "make buildkernel"? # ls -l /tmp/ecp* -rw-r--r-- 1 root wheel 4229 Dec 27 06:21 ecp.Aak1ruL8 -rw-r--r-- 1 root wheel 2371 Dec 27 06:21 ecp.8Wba0TzO # file /tmp/ecp.* /tmp/ecp.8Wba0TzO: ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped /tmp/ecp.Aak1ruL8: ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped # strings /tmp/ecp.Aak1ruL8 belX __vdso_clock_gettime __vdso_getcpu __vdso_gettimeofday __vdso_time linux_platform linux_rt_sigcode linux_vdso.so.1 LINUX_2.6 x86_64 .symtab .strtab .shstrtab .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_d .eh_frame_hdr .eh_frame .dynamic .data .text .endrtsigcode .getip .startrtsigcode _DYNAMIC _GLOBAL_OFFSET_TABLE_ clock_gettime LINUX_2.6 __vdso_gettimeofday __vdso_getcpu gettimeofday time getcpu __vdso_clock_gettime linux_platform linux_rt_sigcode __vdso_time # strings /tmp/ecp.8Wba0TzO linux32_rt_sigcode linux32_sigcode linux32_vsyscall linux_platform linux32_vdso.so.1 LINUX_2.5 i686 .shstrtab .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_d .eh_frame_hdr .eh_frame .dynamic .data .text Is there anything else that might trace the origin of these files other than possibly another buildkernel? Thanks, Rogerhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1612271756590.79526>