Re: RT linker, rpath and security

To: Martin Husemann <martin%duskware.de@localhost>
Subject: Re: RT linker, rpath and security
From: tlaronde%polynum.com@localhost
Date: Thu, 11 May 2023 16:07:13 +0200

Le Thu, May 11, 2023 at 03:44:09PM +0200, Martin Husemann a écrit :
> On Thu, May 11, 2023 at 03:25:57PM +0200, tlaronde%polynum.com@localhost wrote:
> > Why the argument "admin should know better" isn't given for these
> > instead of implementing security measures?
> 
> An admin can not check all input that binaries have to deal with, but
> checking sane access rights for paths showing up in binaries they
> install (or trusting pkgsrc to have done that and creatings dirs with
> proper permissions) is easy.

As easy as using ldd(1)? Which won't tell you the true story. Only
"readelf -d" will tell you. I would be very surprised if it was common
practice. If it was, it would be mentionned in security(7) I guess?

BTW, "/etc/security" should be changed: it verifies that there is no
directory writable by others in root PATH... 

Just my two Euro cents,
-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

Follow-Ups:
- Re: RT linker, rpath and security
  - From: Martin Husemann

References:
- RT linker, rpath and security
  - From: tlaronde
- Re: RT linker, rpath and security
  - From: Martin Husemann
- Re: RT linker, rpath and security
  - From: tlaronde
- Re: RT linker, rpath and security
  - From: Mouse
- Re: RT linker, rpath and security
  - From: tlaronde
- Re: RT linker, rpath and security
  - From: Martin Husemann

Prev by Date: Re: RT linker, rpath and security
Next by Date: Re: RT linker, rpath and security
Previous by Thread: Re: RT linker, rpath and security
Next by Thread: Re: RT linker, rpath and security
Indexes:

Home | Main Index | Thread Index | Old Index