On Thu, 2022-11-03 at 15:24 +0100, Alexander Kanavin wrote:
> On Thu, 3 Nov 2022 at 14:56, Richard Purdie
> <[email protected]> wrote:
>
> > The code that handles the interpreter is in the kernel, in
> > fs/binfmt_elf.c:load_elf_binary(). The idea would be to add support for
> > $ORIGIN there so that $ORIGIN is replaced with the location of the
> > binary.
> >
> > Does anyone have an idea if such a change might be acceptable to the
> > upstream kernel? Has anyone ever proposed anything like that?
>
> I quickly skimmed the ELF spec:
> https://refspecs.linuxfoundation.org/elf/elf.pdf
> and $ORIGIN is not there. It seems to be an extension specific to the
> ld.so implementation (man ld.so).
>
> Not sure if this would help or hinder the case, just pointing out that
> the ELF spec neither stands in the way nor helps.

Yes, indeed. I also did notice:

https://engineering.backtrace.io/2016-06-29-exploiting-elf-expansion-variables/

which mentions Solaris does support $ORIGIN in PT_INTERP and that if you're not careful about setuid it could create a security hole so that would be something to be mindful of. Interesting that other systems have done it though.

I do think we should explore this a bit. Whilst it wouldn't immediately change much for us today, once this did get into distros in a couple of years, we'd be in a much better shape.

Cheers,

Richard

View/Reply Online (#1658): https://lists.openembedded.org/g/openembedded-architecture/message/1658
