Date: Tue, 1 Dec 2009 19:00:16 +0300 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: Vasim Valejev <vasim@resume-bank.ru> Cc: freebsd-security@freebsd.org Subject: Re: LD_PRELOAD temporary patch Message-ID: <2l7ppaOshvDTrwINE81EpiKZPIo@HdC2pNlxoZEC2oqxdWvElH3kUBc> In-Reply-To: <025901ca728f$f7565340$0132a8c0@fb4e97440cc340b> References: <025901ca728f$f7565340$0132a8c0@fb4e97440cc340b>
next in thread | previous in thread | raw e-mail | index | archive | help
--ieNMXl1Fr3cevapt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Good evening.
Tue, Dec 01, 2009 at 05:09:57PM +0300, Vasim Valejev wrote:
> I've used that patch to close the hole. This patch is temporary and
> doesn't fix real trouble maker - problem in new version in getenv()
If you're talking about rtld-elf local root, then the real issue
is that return values of unsetenv() are not checked and unsetenv()
could fail, thus leaving LD_PRELOAD and friends left unmodified.
> (after 6.3 it got changed to something monstrous and non-working right
> if environment has only one variable),
Sorry, what do you mean by this? Does the attached script print 'VAR =
variable' for you as it does for me on 8.0-BETA2 (and undoubtly, on
8.0)? If yes then getenv() works properly with a single environment
variable. Perhaps you meant something else?
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
--ieNMXl1Fr3cevapt--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2l7ppaOshvDTrwINE81EpiKZPIo>