-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (forwarded this message)
michael graffam schrieb: > It's easy to solve the problem: all you need is a trusted strcmp() (i.e > one linked directly w/ main() ).. > > Before you do anything else, main() checks the environment pointer with > the trusted strcmp() to make sure LD_PRELOAD isn't present. If it is, > bail with a message. Done. Interesting approach, but even if the variable LD_PRELOAD is empty or doesn't exist, the process running in a compromised shell still runs the preloaded-lib. Even if you have a trusted strcmp(), it wouldn't change the fact that the lib gets loaded anyway. > An LD_PRELOADed lib wouldn't have a chance to get hooked. Well, even if the env-var isn't there, it still get's loaded! Alex. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBSFBEBRYlVVSQ3uFxAQLSagP+ONzt6GC+AVlgudwb+Agx6JeKKLC9teg8 cOPSRlDBXTWvH5qZakEOEy+9is6ALWRUA4N5soYiKnra1v9FiEDVqfFxqhsa2V5P 4TE/g+FxuR744zYAbJspJHH5zxxaSX35+epzTJ5I6+zmxLvWLFL+Eed9fmE5ljW/ kr0AjDcNKMI= =Jbu1 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
