Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)
From: Damien Miller (djm_at_mindrot.org)
Date: 05/01/03
- Previous message: Michael -: "re:Latest MS SQL Server vulnerabilities revealed"
- Maybe in reply to: Darren Tucker: "Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)"
- Next in thread: Shiva Persaud: "Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 01 May 2003 09:26:44 +1000 To: Valdis.Kletnieks@vt.edu, bugtraq@securityfocus.com
Valdis.Kletnieks@vt.edu wrote:
> On Wed, 30 Apr 2003 13:39:49 +1000, Damien Miller <djm@mindrot.org> said:
>
>>1. Systems affected:
>>
>> Users of Portable OpenSSH prior to 3.6.1p2 on AIX are affected
>> if OpenSSH was compiled using a non-AIX compiler (e.g. gcc).
>
>
> This is the same problem as I spotted in Sendmail 8.10. Basically,
> somewhere, linking is being done with "-L. -lfoo" or similar (in sendmail's
> case, it was -L../otherdir type stuff).
>
> Workaround/fix: Link with "-bnolibpath -blibpath:/usr/local/lib:/usr/lib"
> or similar.
This is what we have done for a long time, but those options only work
when using xlc as the linker, with gcc you need to specify different
options.
3.6.1p2 specifies these options correctly, but it illustrates the deeper
problem: the default is insecure and you need to add workarounds for
each additional interface to the linker.
I wouldn't be suprised if this affected binaries built with libtool or
other wrappers, though I haven't checked (we don't use them).
-d
- Previous message: Michael -: "re:Latest MS SQL Server vulnerabilities revealed"
- Maybe in reply to: Darren Tucker: "Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)"
- Next in thread: Shiva Persaud: "Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
