Date: Thu, 29 Dec 2011 19:04:33 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Xin LI <delphij@gmail.com> Cc: Kostik Belousov <kostikbel@gmail.com>, arch@freebsd.org, kan@freebsd.org Subject: Re: fdlopen(3) Message-ID: <86fwg3ntji.fsf@ds4.des.no> In-Reply-To: <CAGMYy3u6v-Ypo_wJEqWWGgGUjoTr=Ctx6tn6VV4fWM4nTYonrQ@mail.gmail.com> (Xin LI's message of "Thu, 29 Dec 2011 03:15:09 -0800") References: <20111229084308.GD50300@deviant.kiev.zoral.com.ua> <CAGMYy3u6v-Ypo_wJEqWWGgGUjoTr=Ctx6tn6VV4fWM4nTYonrQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin LI <delphij@gmail.com> writes: > Will this prevent e.g. writes to the .so file after open, but before > fdlopen()? The latest version of OpenPAM checks the ownership and permissions of modules before it loads them; it will not load modules that are writable by anyone except root and the process's euid. This patch prevents an attacker from switching the .so file between the ownership checks and the dlopen(3) call. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86fwg3ntji.fsf>