Date:      Fri, 23 Feb 2001 13:34:10 -0600
From:      Jonathan Lemon <jlemon@flugsvamp.com>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        arch@FreeBSD.ORG, Marcel Moolenaar <marcel@cup.hp.com>
Subject:   Re: sysctl kern.fallback_elf_brand
Message-ID:  <20010223133410.O5714@prism.flugsvamp.com>
In-Reply-To: <20010223113155.B73221@mollari.cthul.hu>
References:  <3A960EF8.75C3FC53@cup.hp.com> <20010223042641.B2539@dragon.nuxi.com> <20010223113155.B73221@mollari.cthul.hu>

On Fri, Feb 23, 2001 at 11:31:56AM -0800, Kris Kennaway wrote:
> On Fri, Feb 23, 2001 at 04:26:41AM -0800, David O'Brien wrote:
> > On Thu, Feb 22, 2001 at 11:19:20PM -0800, Marcel Moolenaar wrote:
> > > One problem with this is that unbranded static Linux binaries are
> > > executed as FreeBSD native binaries and there's a high chance of them
> > > rebooting the machine if run as root.
> > 
> > I've never seen that.  Everyone I've ever tried just dumped core.  Have
> > you really seen running one reboot the machine?
> 
> Yes.  This was under 4.2-STABLE.  Unfortunately, I can't remember off
> the top of my head what the binary was - something extracted from a
> redhat 6.2 RPM, I think.  Have you tried any statically linked
> binaries which make the correspondingly-numbered syscall (actually, I
> think mine triggered a halt, not a reboot, but they're both common
> syscall numbers)?

It's quite easy to reproduce.  Here's why:

From sys/kern/syscalls.master:

	55      STD     BSD     { int reboot(int opt); }

From sys/i386/linux/syscalls.master:

	55      STD     LINUX   { int linux_fcntl(int fd, int cmd, int arg); }


If you run an unbranded Linux binary, our current default assumes 
that it is a FreeBSD elf executable.  So when the Linux binary then
calls what it thinks is fcntl, it actually winds up calling reboot.

*BEWM*

To reproduce, just compile this program (statically) on a Linux box,
and then run (as root) on a FreeBSD box:

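#include <fcntl.h>

int main(void)
{
	/* Linux i386 syscall 55 (fcntl); FreeBSD's table has reboot at 55 */
	fcntl(0,0,0);
	return 0;
}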

--
Jonathan
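
Added example, not part of the original message or of FreeBSD's code: a small C check that reports whether an ELF file carries an OS brand in its e_ident header, so unbranded binaries can be spotted (and branded with brandelf) before anyone runs them as root. It assumes the standard EI_OSABI values (0 none, 3 Linux, 9 FreeBSD) and the old brandelf convention of an ASCII brand string at e_ident[8]; it does not look at ELF notes, and the sample headers are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { EI_OSABI = 7, OLD_EI_BRAND = 8, EI_NIDENT = 16 };  /* e_ident offsets */
enum { OSABI_NONE = 0, OSABI_LINUX = 3, OSABI_FREEBSD = 9 };

typedef enum { NOT_ELF, UNBRANDED, BRAND_FREEBSD, BRAND_LINUX, BRAND_OTHER } brand_t;

/* Constructed sample headers: 32-bit little-endian ELF, version 1. */
static const unsigned char sample_unbranded[EI_NIDENT] = { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0 };
static const unsigned char sample_freebsd[EI_NIDENT]   = { 0x7f, 'E', 'L', 'F', 1, 1, 1, 9 };

/* Classify the brand in the first len bytes of a file; never reads past len. */
brand_t elf_brand(const unsigned char *buf, size_t len)
{
    if (len < EI_NIDENT || memcmp(buf, "\177ELF", 4) != 0)
        return NOT_ELF;
    /* Old-style brand: ASCII string starting at e_ident[8]. */
    if (memcmp(buf + OLD_EI_BRAND, "FreeBSD", 7) == 0)
        return BRAND_FREEBSD;
    if (memcmp(buf + OLD_EI_BRAND, "Linux", 5) == 0)
        return BRAND_LINUX;
    switch (buf[EI_OSABI]) {
    case OSABI_NONE:    return UNBRANDED;   /* kernel must guess: fallback brand applies */
    case OSABI_FREEBSD: return BRAND_FREEBSD;
    case OSABI_LINUX:   return BRAND_LINUX;
    default:            return BRAND_OTHER;
    }
}

/* Usage: ./elfbrand file... ; prints one classification per file. */
int main(int argc, char **argv)
{
    static const char *names[] = { "not ELF", "unbranded", "FreeBSD", "Linux", "other" };
    unsigned char hdr[EI_NIDENT];

    for (int i = 1; i < argc; i++) {
        FILE *f = fopen(argv[i], "rb");
        size_t n = f ? fread(hdr, 1, sizeof hdr, f) : 0;
        if (f)
            fclose(f);
        printf("%s: %s\n", argv[i], names[elf_brand(hdr, n)]);
    }
    return 0;
}
```

A file reported as "unbranded" is one whose syscall numbers the kernel has to interpret according to its default or fallback brand, which is the situation described in the message above.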

