Date: Tue, 20 Dec 2011 11:58:13 +0200 From: Kostik Belousov <kostikbel@gmail.com> To: Peter Jeremy <peterjeremy@acm.org> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: logging _rtld errors Message-ID: <20111220095813.GM50300@deviant.kiev.zoral.com.ua> In-Reply-To: <20111219223627.GA2391@server.vk2pj.dyndns.org> References: <4EEF9375.1010203@sentex.net> <CAGMYy3vbQNoiOYTRm9yqfY7WitViTo96mgU05Z=Fxk_wBfUGyg@mail.gmail.com> <20111219200104.GK50300@deviant.kiev.zoral.com.ua> <20111219223627.GA2391@server.vk2pj.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--EhjvRVKassQj6c36 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 20, 2011 at 09:36:28AM +1100, Peter Jeremy wrote: > On 2011-Dec-19 22:01:04 +0200, Kostik Belousov <kostikbel@gmail.com> wrot= e: > >On Mon, Dec 19, 2011 at 11:54:46AM -0800, Xin LI wrote: > >> It doesn't seem to me that this proposed change would do something > >> with security? >=20 > rtld is a fairly critical part of FreeBSD infrastructure and there > have been several instances where rtld changes have resulted in > security vulnerabilities. [Removed]. >=20 > >I also think that UTRACE part is not bad, but will object against the > >LD_PRINT_ERROR part. >=20 > Could you please explain your objections to the LD_PRINT_ERROR part as > I don't see an immediate problem with them. The rtld is the low level facility, that shall silently do its work. It is the same kind of runtime glue as libc or libthr. It shall return errors to the caller. We do not change libc by adding knob to print errors if some libc function failed, so why shall we do this for rtld ? Adding utrace would ease the introspection (which in fact can be already deduced from the other ktrace output, but I agree that this require some knowledge of rtld internals, thus explicit error tracing make it more accessible). Also please note that rtld already has debug mode that is exactly designed for debugging dynamic linking problems. The fact that rtld returns string representation of the error instead of error codes like errno is mostly a mistake. >=20 > > FWIW, it should use rtld_printf() instead of printf(), > >but this is moot point. >=20 > Accepted. >=20 > On 2011-Dec-19 21:02:49 +0100, Cl?ment Lecigne <clemun@gmail.com> wrote: > >Dont know but the ld_printerror !=3D '\0' in the patch should be > >*ld_printerror !=3D '\0', no? >=20 > Oops, my mistake. Yes, there is a missing '*'. >=20 > --=20 > Peter Jeremy --EhjvRVKassQj6c36 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk7wXDUACgkQC3+MBN1Mb4hvAwCeI0wAvE2XwsAu7UAXsFLxi/xR Rb4AnRijaEgEVB0yxCcfV/hs/unwrk7p =0sB9 -----END PGP SIGNATURE----- --EhjvRVKassQj6c36--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111220095813.GM50300>