prelink should not mess with running executables
Andrew Haley
aph at redhat.com
Wed Jul 18 11:55:49 UTC 2012
On 07/18/2012 12:06 PM, Sam Varshavchik wrote:
> Andrew Haley writes:
>
>> On 07/18/2012 02:25 AM, Sam Varshavchik wrote:
>>>
>> Not exactly. You said:
>>
>>> Can you explain, then, the "correctly" approach by which an
>>> executable can affirm whether another pid is either running the same
>>> executable, or the post-prelinked version of the same
>>> executable. Anyone who suggests readlinking /proc/self/exe, then
>>> the other /proc/pid/exe, and comparing them sans any hardcoded "
>>> (deleted)" suffix is going to get only howls of laughter, in
>>> response.
>>
>> But that's not a use case. There's no way to know why you want to do
>> this: why you care that another process is running the exact same
>> executable.
>
> Because that's the only process I want to talk to. A form of authentication,
> which I already explained. More than once.
You have _claimed_ that it's a form of authentication, but you've produced
no reason to believe that it is. How do you know that the exact same
binary isn't running as some rogue user, with other data injected into it?
> And we've been over this.
Yes we have. You've made claims, none of which you've justified. Or you
may have done but I missed them. But as it stands this is an utterly
hopeless way to authenticate anything.
Andrew.
More information about the devel
mailing list