On Mon, Nov 05, 2007 at 10:39:58AM +0100, Andy Polyakov wrote:
>> I believe that -Bsymbolic only gives you a false sense of security and only
>> makes it a little harder to replace some functions, but not that much.
>
> Consider following snippet:
>
> void foo(){}
> void bar(){foo();}
[...]
> -Bsymbolic resolved and "wired" this intra-library reference already at
> link time! In other words once you enter module through bar, no
> manipulation of symbol table at run-time will trick bar to call anything
> other than foo in same module.

But that doesn't stop you from overwriting bar(), who cares that it
internally calls foo().

>> There are only a few function calls that are direct, most of the
>> library is PIC and uses indirect calls.
>
> -Bsymbolic "rewires" as many indirect calls as possible at link time to
> direct ones. A.

Right, it will only use the PLT for functions in another library.


Kurt
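
The intra-library binding discussed in this message can be checked directly. The script below is an added example, not part of the original message: the file names, the `build_and_run` helper and the string return values are assumptions made for the demonstration, and it assumes a Linux system with a C compiler installed as `cc` and a GNU-compatible linker.

```shell
#!/bin/sh
# Added example (constructed for illustration; not from the thread).
# Builds a shared library holding the thread's foo()/bar() pair, links it with
# an executable that defines its own foo(), and reports which foo() the
# library's bar() ends up calling.

build_and_run() {   # $1: extra flag for the library link step, may be empty
    dir=$(mktemp -d) || return 1

    cat > "$dir/lib.c" <<'EOF'
const char *foo(void) { return "lib"; }
const char *bar(void) { return foo(); }   /* intra-library reference */
EOF

    cat > "$dir/main.c" <<'EOF'
#include <stdio.h>
const char *bar(void);
const char *foo(void) { return "exe"; }   /* same name, earlier in lookup order */
int main(void) { puts(bar()); return 0; }
EOF

    # -O0 keeps the compiler from inlining foo() into bar().
    # -rdynamic makes sure the executable's foo() is in its dynamic symbol table.
    # $1 is intentionally unquoted so an empty value adds no argument.
    cc -O0 -fPIC -shared $1 -o "$dir/libdemo.so" "$dir/lib.c" &&
    cc -O0 -rdynamic -o "$dir/main" "$dir/main.c" \
        -L"$dir" -ldemo -Wl,-rpath,"$dir" &&
    "$dir/main"
    rc=$?

    rm -rf "$dir"
    return $rc
}

echo "default link:     bar() -> foo() from $(build_and_run '')"
echo "with -Bsymbolic:  bar() -> foo() from $(build_and_run '-Wl,-Bsymbolic')"
```

The default build reports `exe` and the `-Bsymbolic` build reports `lib`. Only references inside `libdemo.so` are bound differently; `bar` is still an exported dynamic symbol in both builds, and callers in other modules still resolve it through the normal lookup order.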