From owner-svn-src-head@freebsd.org Mon May 15 19:29:50 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A6552D6E6FF; Mon, 15 May 2017 19:29:50 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22FFCD06; Mon, 15 May 2017 19:29:49 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id v4FJTi3Y001723 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 15 May 2017 22:29:45 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua v4FJTi3Y001723 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id v4FJTitU001722; Mon, 15 May 2017 22:29:44 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Mon, 15 May 2017 22:29:44 +0300 From: Konstantin Belousov To: Bryan Drewery Cc: Alexey Dokuchaev , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r318313 - head/libexec/rtld-elf Message-ID: <20170515192944.GI1622@kib.kiev.ua> References: <201705151848.v4FImwMW070221@repo.freebsd.org> <20170515185236.GB1637@FreeBSD.org> <20170515190030.GG1622@kib.kiev.ua> <2493cfd2-1fab-d4cd-523c-0bd7413b1c86@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2493cfd2-1fab-d4cd-523c-0bd7413b1c86@FreeBSD.org> User-Agent: Mutt/1.8.2 (2017-04-18) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 May 2017 19:29:50 -0000 On Mon, May 15, 2017 at 12:25:20PM -0700, Bryan Drewery wrote: > On 5/15/2017 12:00 PM, Konstantin Belousov wrote: > > On Mon, May 15, 2017 at 06:52:36PM +0000, Alexey Dokuchaev wrote: > >> On Mon, May 15, 2017 at 06:48:58PM +0000, Konstantin Belousov wrote: > >>> New Revision: 318313 > >>> URL: https://svnweb.freebsd.org/changeset/base/318313 > >>> > >>> Log: > >>> Make ld-elf.so.1 directly executable. > >> > >> Does it mean that old Linux' trick of /lib/ld-linux.so.2 /bin/chmod +x > >> /bin/chmod would now be possible on FreeBSD as well? > > Yes. > > > >> Does this have any security implications? > > What do you mean ? > > > > I think for 3rd-party distributions it may be a problem. At the very > least it needs to be communicated clearly in release notes or UPDATING. > > Consider a downstream vendor who has support for signed binary > executions. If rtld allows a backdoor around exec(2) to run an unsigned > binary, that could be a problem for them. It is on them to add support > to exec(2) to validate the special case of execing rtld with an > argument, or to just disable the feature in rtld from this commit. Note the undocumented O_VERIFY flag in open(2) from the patch. This is very vendor-ish addition to request veriexec (?).