prelink should not mess with running executables
Sam Varshavchik
mrsam at courier-mta.com
Mon Jul 16 00:35:28 UTC 2012
Garrett Holmstrom writes:
> On 2012-07-15 15:00, Sam Varshavchik wrote:
>> Benny Amorsen writes:
>>> Perhaps it's just me, but why would the daemon stat /proc/self/exe? I
>>> presume prelink writes a new file and renames into place as a proper
>>> Unix program should, which still leaves the original program intact on
>>> disk until the last open file descriptor referring to it is gone.
>>
>> A means for authenticating a filesystem domain socket's peer. Receive
>> the peer's credentials, then check /proc/pid/exe and /proc/self/exe. If
>> they're same, the daemon is talking to another instance of itself.
>
> Admittedly without knowledge of what daemon you are referring to, how is the
> file name alone sufficient to be able to determine that something is,
> indeed, the same program? My security-sense seems to be tingling. ;-)
Can you explain how two completely different executables could possibly end
up having the same absolute pathname?
Unless there's some way this can happen, I'm fairly optimistic that if
/proc/pid1/exe is the same thing as as /proc/self/exe, you have a fairly
reasonable level of confidence that pid1 is the same executable as you are.
That is, of course, in absence's of prelink's bull-in-the-china-shop modus
operandi.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120715/283be82b/attachment.sig>
More information about the devel
mailing list