Hosting Provided By

Re: Re : Bounds-checking gcc ..

From: Eivind Eklund <eivind(at)dimaga.com>
Date: Wed Feb 19 1997 - 16:15:06 EST

At 02:39 PM 2/18/97 -0700, Warner Losh wrote:
>: The startup code could also check the resource set if the program
>: is run suid and exit if the resources are not considered
>: 'reasonable'.

I've been thinking along the lines of having a different, especially secure version of libc.so for setuid programs. This should a LITTLE to the startup/dynamic library code. An easy way to do this could be to have the linker look first for libxxx.suid.N.N instead of libxxx.so.N.N for any setuid program; this allow an alternate version of any library we care to replace. The generation of alternate libraries can be handled by #ifdef's or similar.

Eivind Eklund perhaps(at)yes.no http://maybe.yes.no/perhaps/ eivind(at)freebsd.org Received on Wed Feb 19 13:52:31 1997

This message: [ Message body ]
Next message: Danny J. Zerkel: "Any suggestions?"
Previous message: Warner Losh: "Re: Termcap use..."
Maybe in reply to: Adrian Chadd: "Re : Bounds-checking gcc .."
In reply to Warner Losh: "Re: Re : Bounds-checking gcc .."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:41:02 EDT