Proposal to reduce anti-bundling requirements
Florian Weimer
fweimer at redhat.com
Fri Sep 18 12:35:10 UTC 2015
On 09/15/2015 08:16 PM, Simo Sorce wrote:
> On Tue, 2015-09-15 at 19:59 +0200, Florian Weimer wrote:
>> On 09/15/2015 03:58 PM, Simo Sorce wrote:
>>
>>>> I'm not sure how difficult this would be because I'm not sure how many
>>>> symbols rely upon indirect dependencies. I think it would be a worthwhile
>>>> cleanup to turn on something like you suggest, and attempt to bootstrap
>>>> the OS using Fedora Bootstrap [1].
>>>
>>> Symbol interposition is used a lot for very useful features, blocking
>>> interposition would break a lot of stuff.
>>
>> Such as run-time patching of BIND 9 on RHEL 3 to remove a remote crasher
>> bug?
>>
>> I don't know. There is the malloc use case (which could easily be
>> supported by marking these functions as interposable), but beyond that?
>
> Look at what we do with https://cwrap.org/ for example, we use this
> stuff in multiple projects now to be able to do testing w/o having to
> create complex networking setups, or have to reconfigure systems and
> give real root to applications in testing. For any of this to work we
> relying on LD_PRELOAD and symbols interposition.
LD_PRELOAD is an explicit mechanism. The question is more likeādo we
have to support *linking* (via DT_NEEDED) to libcwrap before libc, and
that would override those functions everywhere in the process?
Strictly speaking, the answer is no, we don't support it today, even
with LD_PRELOAD. The set of libc symbols you can safely interpose to
get a desired effect is very, very small. You might well end up with
infinite recursion and missed intercepts because libc-internal calls do
not go through the PLT (except malloc functions, so that they can be
interposed). cwrap can live with that (like fakeroot) because it is not
really an end user mechanism, and you can patch things if they break, or
pull the wrapping interface further out.
But again, I would really like to see DT_NEEDED-based use cases for
symbol interposition.
--
Florian Weimer / Red Hat Product Security
More information about the devel
mailing list