From owner-freebsd-hackers@FreeBSD.ORG  Fri Oct  6 21:59:03 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: hackers@FreeBSD.org
Delivered-To: freebsd-hackers@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 22F4A16A407;
	Fri,  6 Oct 2006 21:59:03 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D932843D45;
	Fri,  6 Oct 2006 21:59:02 +0000 (GMT)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196])
	by elvis.mu.org (Postfix) with ESMTP id BCDEC1A4D8C;
	Fri,  6 Oct 2006 14:59:02 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 3C14E515B7; Fri,  6 Oct 2006 17:59:02 -0400 (EDT)
Date: Fri, 6 Oct 2006 17:59:02 -0400
From: Kris Kennaway <kris@obsecurity.org>
To: Andrew Pantyukhin <infofarmer@FreeBSD.org>
Message-ID: <20061006215902.GA21109@xor.obsecurity.org>
References: <cb5206420610052235t78033639vaa90429f07581078@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="huq684BweRXVnRxX"
Content-Disposition: inline
In-Reply-To: <cb5206420610052235t78033639vaa90429f07581078@mail.gmail.com>
User-Agent: Mutt/1.4.2.2i
Cc: hackers@FreeBSD.org, secteam@freebsd.org
Subject: Re: Tracing binaries statically linked against vulnerable libs
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2006 21:59:03 -0000


--huq684BweRXVnRxX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Oct 06, 2006 at 09:35:31AM +0400, Andrew Pantyukhin wrote:
> I wonder if there is a way to deal with statically linked binaries,
> which use vulnerable libraries.

The best way is to track them down and force them all to link
dynamically; static linking is a PITA from a systems management point
of view :)

Kris

--huq684BweRXVnRxX
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFJtGlWry0BWjoQKURAnRMAKCxe377BTzaojkdagPmWJIX0PyoiQCg8EaU
yUX3SCKIvaXgQOAsdVcx27A=
=Rwyw
-----END PGP SIGNATURE-----

--huq684BweRXVnRxX--