Date:      Thu, 29 Dec 2011 23:42:30 +0400
From:      Andrey Chernov <ache@FreeBSD.ORG>
To:        d@delphij.net
Cc:        freebsd-security@FreeBSD.ORG, Doug Barton <dougb@FreeBSD.ORG>, John Baldwin <jhb@FreeBSD.ORG>
Subject:   Re: svn commit: r228843 - head/contrib/telnet/libtelnet head/crypto/heimdal/appl/telnet/libtelnet head/include head/lib/libc/gen head/lib/libc/iconv head/lib/libc/include head/lib/libc/net head/libexec...
Message-ID:  <20111229194229.GA49908@vniz.net>
In-Reply-To: <4EFCBC60.3080607@delphij.net>
References:  <201112231500.pBNF0c0O071712@svn.freebsd.org> <4EF6444F.6090708@FreeBSD.org> <CAGMYy3uzLXMvw40q1hM9dnHGxxh%2BeO_8Y1nbNKsPSB_Aenmm7w@mail.gmail.com> <201112290939.53665.jhb@freebsd.org> <4EFCB0C9.6090608@delphij.net> <20111229183606.GA48785@vniz.net> <4EFCBC60.3080607@delphij.net>

On Thu, Dec 29, 2011 at 11:15:44AM -0800, Xin Li wrote:
> Would you please elaborate how this would be less ugly (e.g. with a
> patch)?

Why do a patch if you apparently don't care? )
In a few words, it is less ugly because it 1) will be a public API, 2) will 
restrict all possible future dlopen() usage (f.e. someday tar, which is used 
in some ftpds, can use dlopen() to load its formats etc.)

> We discussed a change like this but IIRC it was rejected because the
> affected surface is too broad and we wanted to limit it to just the
> implicit dlopen()s to avoid breaking legitimate applications.

Instead of total disabling we can (by calling an rtld function) restrict 
dlopen() in ftpd() to absolute paths in a list of known safe directories like 
"/etc" "/lib" "/usr/lib" etc.

-- 
http://ache.vniz.net/
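
Added example, not part of the original message and not FreeBSD code: a user-space sketch of the allow-list idea above, where dlopen() is reached only for absolute paths that resolve into one of the directories the message names. The function names are hypothetical, and this is a wrapper in the application rather than the rtld function the message proposes.

```c
/* Added illustration: allow-list check in front of dlopen().
 * Function names are hypothetical; the directory list is the one from the message. */
#define _XOPEN_SOURCE 700
#include <dlfcn.h>
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

static const char *const safe_dirs[] = { "/etc", "/lib", "/usr/lib" };

/* Return 1 if an already-resolved absolute path lies inside a safe directory. */
int path_in_safe_dir(const char *resolved)
{
    for (size_t i = 0; i < sizeof(safe_dirs) / sizeof(safe_dirs[0]); i++) {
        size_t n = strlen(safe_dirs[i]);
        /* Require '/' after the prefix so "/usr/libevil/x.so" does not match "/usr/lib". */
        if (strncmp(resolved, safe_dirs[i], n) == 0 && resolved[n] == '/')
            return 1;
    }
    return 0;
}

/* dlopen() only absolute paths that resolve (symlinks and ".." removed) into a safe directory. */
void *restricted_dlopen(const char *path, int mode)
{
    char resolved[PATH_MAX];

    /* Reject NULL (main-program handle) and bare names that trigger search-path lookups. */
    if (path == NULL || path[0] != '/') {
        errno = EACCES;
        return NULL;
    }
    if (realpath(path, resolved) == NULL)   /* errno is set by realpath() */
        return NULL;
    if (!path_in_safe_dir(resolved)) {
        errno = EACCES;
        return NULL;
    }
    /* The path is checked, then opened: the safe directories must not be
     * writable by the confined process. */
    return dlopen(resolved, mode);
}
```

On systems where dlopen() lives in a separate library, link with -ldl.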
