From owner-freebsd-hackers Thu Oct 8 20:37:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA05604 for freebsd-hackers-outgoing; Thu, 8 Oct 1998 20:37:41 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from phoenix (phoenix.aye.net [206.185.8.134]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id UAA05518 for ; Thu, 8 Oct 1998 20:36:59 -0700 (PDT) (envelope-from rabtter@aye.net) Received: (qmail 1404 invoked by uid 2784); 9 Oct 1998 03:35:51 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 9 Oct 1998 03:35:51 -0000 Date: Thu, 8 Oct 1998 23:35:50 -0400 (EDT) From: Barrett Richardson Reply-To: Barrett Richardson To: hackers@FreeBSD.ORG Subject: Problems/Solutions breaking binary compatability. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I posted a question about this a while back on got lots of feedback -- here is what I ran into. Try 1 I edited syscalls.master and moved the syscalls around, located the sources to the *.o files and recompiled those using the the new header files created by remaking init_sysent.c. My 'make buildworld' puked because it tried to use some of the binaries it was building. Try 2 I used up as many of the UNIMPL entries and made a COMPAT entry so the syscalls I wanted to shuffle would temporarily be in two places, and recompiled /usr/lib/crt0.o and friends and built a new kernel. I then changed the original syscalls I wanted to move to UNIMPL and changed the COMPAT entries I created to STD (I had to edit init_sysent.c and change all the entries for the COMPAT's I added in the intermediate step), and remade /usr/lib/*.o using the header files created by 'make init_sysent.c' in /sys/kern. The make buildworld was preceding ok, but ... by then the powers that be got really attached to some purchased software; scrap the idea. Try 3 Use John Dyson's idea of using a flag bit. In imgact_aout.c, imgact_elf.c, and imgact_gzip.c check for the bit being set (let root slide so makefiles that use built utilities won't choke, and to avoid painting myself into a corner), and write a utility that sets the flag on binaries. Works wonderful. Script kiddie uploads his hack, runs it, and it spits out "cannot execute binary file" because it has not been "blessed". I've been thinking of replacing the message with something silly like "invalid user command, replace user" :-). Would be simple to add an option in the kernel config file like "options PARANOID" or "options SCARED" but care would have to taken to set the flag on the system binaries beforehand. I let shell scripts slide in my setup. -- Barrett Richardson rabtter@aye.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message