Re: KEYWORDS: shared objects, dynamic linking,
From: Sebastian Jaenicke (tsa@jaenicke.org)Date: 10/20/01
- Previous message: Aycan Irican: "KEYWORDS: shared objects, dynamic linking,"
- In reply to: Aycan Irican: "KEYWORDS: shared objects, dynamic linking,"
- Next in thread: Dave Aitel: "Re: KEYWORDS: shared objects, dynamic linking,"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 20 Oct 2001 20:31:11 +0200 From: Sebastian Jaenicke <tsa@jaenicke.org> To: aycan@prosoft.com.tr Subject: Re: KEYWORDS: shared objects, dynamic linking, Message-ID: <20011020203111.A1001@jaenicke.org>
Hi,
On Sat, Oct 20, 2001 at 02:13:23PM +0300, Aycan Irican wrote:
[..]
> [aycan@mars doc]$ uname -a
> Linux deadbeef 2.4.12 #13D SMP Wed Oct 17 11:54:46 CEST 2001 i586 unknown
> [aycan@mars doc]$ ls -al /usr/X11R6/bin/xlock
> -r-sr-xr-x 1 root root 1406536 May 3 12:49 /usr/X11R6/bin/xlock
>
> I couldn't see any path when I looked at objdump output ...so I think I can
> export my LD_RUN_PATH variable to inject MY OWN libXpm.so.4 magically :)
>
> what I'm doing wrong here?
> is it possible to inject suspicious shared objects so suid program is
> compromised?
[..]
AFAIK the system doesn't honor your LD_LIBRARY_PATH with dynamically
linked suid/sgid-binaries. Otherwise, a compromise would be way too
easy. ;-)
Sebastian
-- Sebastian Jaenicke whois pgpkey-18AC0BE4@whois.ripe.net|perl -ne's-^certif: +--&&print'
- application/pgp-signature attachment: stored
- Previous message: Aycan Irican: "KEYWORDS: shared objects, dynamic linking,"
- In reply to: Aycan Irican: "KEYWORDS: shared objects, dynamic linking,"
- Next in thread: Dave Aitel: "Re: KEYWORDS: shared objects, dynamic linking,"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
