Lee Braiden <[EMAIL PROTECTED]> writes:

> If it's this library overriding that's the problem, is it not possible to 
> just 
> say that some library calls are "final", and cannot be overridden?  And 
> wouldn't such a library call be able to authenticate any services that must 
> be final, too?

In GNU/Linux (and GNU/Hurd), LD_PRELOAD is not taken into account for
suid programs that are launched.  Typically, `passwd' is protected from
that.

Server overriding in the Hurd is very much like library overriding with
LD_PRELOAD.  The point is that you can't (and you don't want to) prevent
people from implementing and using servers/libraries that implement the
Hurd standard interfaces.  However, in some cases, there needs to be a
way for any process to know whether the libraries/servers it is using
are the ones the administrator installed and trusts (that is, the
"authentic" ones).  Otherwise, he/she may lose control over her/his
machine.  ;-)

Thanks,
Ludovic.


_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd

Reply via email to