From: Florian Weimer <fweimer@redhat.com>
To: Carlos O'Donell <carlos@redhat.com>,
GNU C Library <libc-alpha@sourceware.org>,
Andreas Schwab <schwab@suse.de>,
"Dmitry V. Levin" <ldv@altlinux.org>
Subject: Re: [PATCH v4] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug, 23259, CVE-2011-0536 ).
Date: Fri, 08 Jun 2018 05:51:00 -0000 [thread overview]
Message-ID: <c03b7f4a-d129-b24b-b2d8-f55bcf5b2456@redhat.com> (raw)
In-Reply-To: <107904af-fe47-f7c4-e9ca-0fca03c61d4b@redhat.com>
On 06/08/2018 07:45 AM, Carlos O'Donell wrote:
> + /* For SUID/GUID programs we normally ignore the path with
> + a DST in DT_RUNPATH, or DT_RPATH. However, there is
> + one exception to this rule, and it is:
> +
> + * $ORIGIN appears first in the path element, and is
> + the only thing in the element or is immediately
> + followed by a path separator and the rest of the
> + path.
> +
> + * The path element is rooted in a trusted directory.
> +
> + This exception allows such programs to reference
> + shared libraries in subdirectories of trusted
> + directories. The use case is one of general
> + organization and deployment flexibility.
> + Trusted directories are usually such paths as "/lib64"
> + or "/lib". */
> + if (__glibc_unlikely (__libc_enable_secure)
> + && !((input == start + 1
> + || (input > start + 1 && input[-2] == '\0'))
> + && (input[len] == '\0' || input[len] == '/')))
> + repl = (const char *) -1;
The comment does not match the code: The code checks that $ORIGIN comes
first in the *path*, not *path element* (hence the need for the start
variable). I'm not sure what the right behavior is here. Going by path
element seems more correct.
(The begin variable doesn't seem to add much value, as you noted.)
Thanks,
Florian
next prev parent reply other threads:[~2018-06-08 5:51 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-06 5:03 [PATCH] " Carlos O'Donell
2018-06-06 14:01 ` Florian Weimer
2018-06-06 14:55 ` Carlos O'Donell
2018-06-06 14:17 ` Florian Weimer
2018-06-06 15:59 ` Carlos O'Donell
2018-06-06 15:47 ` Andreas Schwab
2018-06-06 16:01 ` Carlos O'Donell
2018-06-06 16:10 ` Carlos O'Donell
2018-06-06 16:31 ` Andreas Schwab
2018-06-06 17:10 ` Carlos O'Donell
2018-06-06 17:28 ` Florian Weimer
2018-06-06 18:49 ` Carlos O'Donell
2018-06-06 18:56 ` Florian Weimer
2018-06-06 20:04 ` Carlos O'Donell
2018-06-07 6:49 ` Andreas Schwab
2018-06-08 2:08 ` Carlos O'Donell
2018-06-11 8:04 ` Andreas Schwab
2018-06-12 3:08 ` Carlos O'Donell
2018-06-12 7:31 ` Andreas Schwab
2018-06-12 12:46 ` Carlos O'Donell
2018-06-12 13:02 ` Andreas Schwab
2018-06-12 13:03 ` Carlos O'Donell
2018-06-06 20:19 ` Carlos O'Donell
2018-06-07 11:38 ` Florian Weimer
2018-06-08 2:14 ` Carlos O'Donell
2018-06-07 12:16 ` Florian Weimer
2018-06-08 4:15 ` Carlos O'Donell
2018-06-08 5:21 ` Florian Weimer
2018-06-08 5:46 ` Carlos O'Donell
2018-06-08 5:50 ` Carlos O'Donell
2018-06-07 12:43 ` Florian Weimer
2018-06-08 5:37 ` Carlos O'Donell
2018-06-08 5:45 ` [PATCH v4] " Carlos O'Donell
2018-06-08 5:51 ` Florian Weimer [this message]
2018-06-08 6:03 ` Carlos O'Donell
2018-06-08 6:25 ` Florian Weimer
2018-06-11 2:55 ` Carlos O'Donell
2018-06-11 7:28 ` Florian Weimer
2018-06-11 14:44 ` Carlos O'Donell
2018-06-12 3:46 ` Carlos O'Donell
2018-06-12 13:08 ` [PATCH v6] " Carlos O'Donell
2018-06-12 13:20 ` Andreas Schwab
2018-06-12 13:23 ` Andreas Schwab
2018-06-12 14:10 ` Carlos O'Donell
2018-06-12 14:34 ` Andreas Schwab
2018-06-12 14:31 ` Florian Weimer
2018-06-12 14:36 ` Carlos O'Donell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c03b7f4a-d129-b24b-b2d8-f55bcf5b2456@redhat.com \
--to=fweimer@redhat.com \
--cc=carlos@redhat.com \
--cc=ldv@altlinux.org \
--cc=libc-alpha@sourceware.org \
--cc=schwab@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).