Date:      Thu, 18 Jan 2024 17:43:36 +0000
From:      Jessica Clarke <jrtc27@freebsd.org>
To:        Shawn Webb <shawn.webb@hardenedbsd.org>
Cc:        Cy Schubert <cy@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org>
Subject:   Re: git: 0990136ed175 - main - kerberos5: Mitigate the possibility of using an old libcrypto
Message-ID:  <973524D3-FCB2-47E1-B04F-BB42E18550C5@freebsd.org>
In-Reply-To: <kicsvwuaptgfe2y5krflx35smstai6siea4rl7ycyrqdkawrxt@rqobtpgi257u>
References:  <202401181523.40IFNvXI077592@gitrepo.freebsd.org> <D89E55DF-846D-44FA-9287-0FFED7B08C2C@freebsd.org> <kicsvwuaptgfe2y5krflx35smstai6siea4rl7ycyrqdkawrxt@rqobtpgi257u>

On 18 Jan 2024, at 17:35, Shawn Webb <shawn.webb@hardenedbsd.org> wrote:
>
> On Thu, Jan 18, 2024 at 05:29:47PM +0000, Jessica Clarke wrote:
>> On 18 Jan 2024, at 15:23, Cy Schubert <cy@FreeBSD.org> wrote:
>>>
>>> The branch main has been updated by cy:
>>>
>>> URL: https://cgit.FreeBSD.org/src/commit/?id=0990136ed1753ac7837206f9c5f4b83ccff6c405
>>>
>>> commit 0990136ed1753ac7837206f9c5f4b83ccff6c405
>>> Author:     Cy Schubert <cy@FreeBSD.org>
>>> AuthorDate: 2024-01-18 08:22:20 +0000
>>> Commit:     Cy Schubert <cy@FreeBSD.org>
>>> CommitDate: 2024-01-18 15:12:14 +0000
>>>
>>>   kerberos5: Mitigate the possibility of using an old libcrypto
>>>
>>>   By using the full library name (libcrypto.so.30) we avoid the exposure
>>>   of using an old, possibly vulnerable, library.
>>>
>>>   Reported by:            jrtc27
>>>   MFC after:              3 days
>>>   X-MFC with:             476d63e091c2
>>>   Fixes:                  476d63e091c2
>>> ---
>>> kerberos5/lib/libroken/fbsd_ossl_provider_load.c | 3 ++-
>>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>>=20
>>> diff --git a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c =
b/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
>>> index 497b32124f96..2328041bc166 100644
>>> --- a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
>>> +++ b/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
>>> @@ -5,6 +5,7 @@
>>> #include <openssl/provider.h>
>>>=20
>>> #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >=3D 3)
>>> +#define CRYPTO_LIBRARY "/lib/libcrypto.so.30"
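
Review bot: The `CRYPTO_LIBRARY` define added under the `OPENSSL_VERSION_MAJOR >= 3` guard packs a directory (`/lib`) and a shared-library version (`.30`) into one undocumented string literal. The directory is then fixed for every build of this file, and the version number has to be kept in step with libcrypto by hand. Suggest a comment saying why the name is pinned and what must be updated along with it, and either dropping the directory or choosing it per ABI. The quote ends at this line, so the line that uses the macro (the other changed lines counted in the diffstat) is not visible here.
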
>>
>> This still assumes the native ABI is in use, i.e. doesn’t account for
>> libcompat. Can we please just drop the directory, or if it’s really
>> needed for some reason at least handle the libcompat case?
>
> Using relative paths might carry a potential security risk if the
> LD_LIBRARY_PATH environment variable is set to an attacker-controlled
> directory.

That’s true for direct linking too, yet we don’t hard-code everything
everywhere there. What’s special about dlopen?

Jess
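
The lookup order this exchange turns on, as an added example that is not code from the thread or from FreeBSD: a simplified model of which paths a runtime linker tries for a `dlopen()` name. The function name, the directory lists and the `/tmp/constructed` value are assumptions of this example; rpath/runpath, the hints or cache file and `LD_PRELOAD` are left out of the model.

```c
#include <stdio.h>
#include <string.h>

#define MAX_CAND 8
#define PATH_LEN 256

/*
 * Fill out[] with the paths tried for `name`, in order; return the count.
 * ld_library_path may be NULL. setugid != 0 models a set-user-ID or
 * set-group-ID process, for which the runtime linker ignores LD_LIBRARY_PATH.
 * default_dirs is the ABI's own list (hypothetical parameter of this model).
 */
static int
dlopen_candidates(const char *name, const char *ld_library_path, int setugid,
    const char *const *default_dirs, int ndefault, char out[][PATH_LEN])
{
	int n = 0;

	/* A name containing a slash is used as a path: nothing is searched. */
	if (strchr(name, '/') != NULL) {
		snprintf(out[n++], PATH_LEN, "%s", name);
		return (n);
	}
	/* Bare name: LD_LIBRARY_PATH directories come first, unless ignored. */
	if (ld_library_path != NULL && !setugid) {
		const char *p = ld_library_path;
		while (*p != '\0' && n < MAX_CAND) {
			size_t len = strcspn(p, ":");
			if (len > 0)	/* empty components are skipped here */
				snprintf(out[n++], PATH_LEN, "%.*s/%s",
				    (int)len, p, name);
			p += len;
			if (*p == ':')
				p++;
		}
	}
	/* Then the directories that belong to the ABI of the running binary. */
	for (int i = 0; i < ndefault && n < MAX_CAND; i++)
		snprintf(out[n++], PATH_LEN, "%s/%s", default_dirs[i], name);
	return (n);
}

int
main(void)
{
	const char *const native[] = { "/lib", "/usr/lib" };	/* constructed */
	char c[MAX_CAND][PATH_LEN];
	int n = dlopen_candidates("libcrypto.so.30", "/tmp/constructed", 0,
	    native, 2, c);

	for (int i = 0; i < n; i++)
		puts(c[i]);
	return (0);
}
```

Passing a 32-bit compat list such as `{ "/usr/lib32" }` as `default_dirs` shows the other half of the discussion: the bare name follows that list, while `"/lib/libcrypto.so.30"` yields the same single path whatever the ABI.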



