hi, > On Thu, Jan 26, 2012 at 03:11:14PM +0000, YAMAMOTO Takashi wrote: >> do you mean rumphijack? iirc it sits between application and libc. > > It overwrites the strong syscall symbols, so it covers libc itself as > well.
a libc implementation of posix_spawn can even bypass plt if it wants, can't it? having said that, if rump or whatever want to alter the behaviour of other libraries by overwriting low-level symbols, it's their responsibility to do it in a safe way, IMO. anyway, i don't think an in-kernel implementation is better in this regard. ie. rump needs to override posix_spawn as a whole. YAMAMOTO Takashi > > Joerg
