On Fri, Jan 21, 2022 at 6:09 PM Dominique Martinet <asmad...@codewreck.org> wrote: > Christoph Anton Mitterer wrote on Fri, Jan 21, 2022 at 04:16:36PM +0100: > ... > > Even sounds like something that is rather delicate in terms of > > security. > > Consider a script that's started with such file, but the file is not > > actually existing. > > An attacker is somehow able to create the file and add things like > > LD_PRELOAD_LIBRARY to it. > > Note if your goal is to protect yourself from LD_PRELOAD there isn't > much you can do at this level: the preload library just has to hook over > all kind of exec() functions and they can add themselves back there.
Also see Breaking the links: Exploiting the linker, https://lwn.net/Articles/419997/. Jeff
