Hi, Le mardi 21 mai 2013 à 14:57 -0600, Jason Gunthorpe a écrit : > On Mon, May 20, 2013 at 11:43:05PM +0200, Yann Droneaud wrote: > > libibverbs must refuse to load arbitrary shared objects. > > > > This patch check the configuration directory and files for > > - being owned by root; > > - not being writable by others. > > I really don't like this. Is there some exploit against /etc/ now that > requires this sort of checking? >
Loading shared object as part of a setuid binary should be handled with extra care. Adding checks to the configuration loader is required so that only trusted shared object get loaded. Regards. -- Yann Droneaud OPTEYA -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
