Alexander W. Janssen
yalla at fsfe.org
Wed Jun 11 23:30:47 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
(forwarded this message)
michael graffam schrieb:
> It's easy to solve the problem: all you need is a trusted strcmp() (i.e
> one linked directly w/ main() )..
> Before you do anything else, main() checks the environment pointer with
> the trusted strcmp() to make sure LD_PRELOAD isn't present. If it is,
> bail with a message. Done.
Interesting approach, but even if the variable LD_PRELOAD is empty or
doesn't exist, the process running in a compromised shell still runs the
preloaded-lib. Even if you have a trusted strcmp(), it wouldn't change
the fact that the lib gets loaded anyway.
> An LD_PRELOADed lib wouldn't have a chance to get hooked.
Well, even if the env-var isn't there, it still get's loaded!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-users