[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On trusting its parent process

From: Ludovic Courtès
Subject: Re: On trusting its parent process
Date: Wed, 13 Jul 2005 18:26:43 +0200
User-agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/21.4 (gnu/linux)

Lee Braiden <address@hidden> writes:

> If it's this library overriding that's the problem, is it not possible to 
> just 
> say that some library calls are "final", and cannot be overridden?  And 
> wouldn't such a library call be able to authenticate any services that must 
> be final, too?

In GNU/Linux (and GNU/Hurd), LD_PRELOAD is not taken into account for
suid programs that are launched.  Typically, `passwd' is protected from

Server overriding in the Hurd is very much like library overriding with
LD_PRELOAD.  The point is that you can't (and you don't want to) prevent
people from implementing and using servers/libraries that implement the
Hurd standard interfaces.  However, in some cases, there needs to be a
way for any process to know whether the libraries/servers it is using
are the ones the administrator installed and trusts (that is, the
"authentic" ones).  Otherwise, he/she may lose control over her/his
machine.  ;-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]