Subject: Re: simple tpe implementation
To: Jeremy C. Reed <reed@reedmedia.net>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 02/03/2007 00:24:14

Jeremy C. Reed wrote:
> On Fri, 2 Feb 2007, Quentin Garnier wrote:
> 
>> For one thing because you can use an interpreted language such as PERL
>> to do almost anything (granted, PERL is not installed in base, and other
>> languages in base might be too limited).
> 
> Maybe someone can document or point to a quick howto on how to use 
> veriexecctl for that?
> 
>> But you can also use LD_PRELOAD to make ld.so load and later run your
>> code.
> 
> We already have:
> bool            _rtld_trust;    /* False for setuid and setgid programs */
> 
> Maybe we can extend that to have a sysctl tunable.

The reason I want to avoid implementing the solutions for now is that
*I* am not satisfied with piggy-backing veriexec for the interpreter
issue, and ideally there should be no linker changes for this feature.

-e.