Message-ID: <20060819232556.GA16617@openwall.com>
Date: Sun, 20 Aug 2006 03:25:56 +0400
From: Solar Designer <solar@...nwall.com>
To: Willy Tarreau <wtarreau@...a.kernel.org>
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH] introduce CONFIG_BINFMT_ELF_AOUT

Willy,

I propose the attached patch (extracted from 2.4.33-ow1) for inclusion
into 2.4.34-pre. (2.6 kernels could benefit from the same change, too.)

The patch adds a new compile-time option to control the support for
"ELF binaries with a.out format interpreters or a.out libraries".
Without this patch, such support is enabled on every system that enables
the support for ELF binaries - although 99% (100%?) of systems don't
need this hybrid functionality. Moreover, this functionality poses a
security risk - as proven in practice:

http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

This uselib() vulnerability did not affect default kernel builds with
the -ow patch specifically due to separation of the unneeded/risky code
into CONFIG_BINFMT_ELF_AOUT and having this option disabled by default.
(Yes, this change in -ow patches pre-dates the discovery of the uselib()
vulnerability.)

The patch also changes CONFIG_BINFMT_AOUT to be disabled by default on
archs that had it default to enabled. The a.out support is similarly
risky and not audited/hardened with the same scrutiny that the ELF
support has received.

Thanks,

Alexander

View attachment "linux-2.4.33-ow1-CONFIG_BINFMT_ELF_AOUT.diff" of type "text/plain" (26854 bytes)
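
An added example, not part of the original message or of the attached patch: a small audit of a kernel `.config` for the options the message names. The function names `opt_state` and `elf_aout_verdict` are hypothetical, the sample configs are constructed, and the script assumes that a `.config` which never mentions CONFIG_BINFMT_ELF_AOUT comes from a tree without the patch, where (per the message) the hybrid support is enabled along with ELF support.

```shell
#!/bin/sh
# Added example (not from the patch): audit a kernel .config for the
# a.out-related options named in the message above.

# Print the state of one option: y, m, off (explicitly unset) or absent.
opt_state() {   # usage: opt_state CONFIG_NAME FILE
    awk -v o="$1" '
        $0 == ("# " o " is not set") { s = "off" }
        index($0, o "=") == 1        { s = substr($0, length(o) + 2) }
        END                          { print (s == "" ? "absent" : s) }
    ' "$2"
}

# Print a verdict on the hybrid ELF/a.out loader support.
elf_aout_verdict() {   # usage: elf_aout_verdict FILE
    elf=$(opt_state CONFIG_BINFMT_ELF "$1")
    hyb=$(opt_state CONFIG_BINFMT_ELF_AOUT "$1")
    case "$elf" in y|m) ;; *) echo "no-elf"; return 0 ;; esac
    case "$hyb" in
        y|m) echo "enabled" ;;
        off) echo "disabled" ;;
        # Assumption: a tree that never mentions the option lacks the patch,
        # so the hybrid code is compiled in together with ELF support.
        *)   echo "implied-by-elf" ;;
    esac
}

# Constructed sample configs (not taken from any real system).
demo() {
    d=$(mktemp -d) || return 1
    printf 'CONFIG_BINFMT_AOUT=m\nCONFIG_BINFMT_ELF=y\n' > "$d/unpatched"
    printf '# CONFIG_BINFMT_AOUT is not set\nCONFIG_BINFMT_ELF=y\n# CONFIG_BINFMT_ELF_AOUT is not set\n' > "$d/patched"
    for f in unpatched patched; do
        echo "$f: a.out=$(opt_state CONFIG_BINFMT_AOUT "$d/$f") elf_aout=$(elf_aout_verdict "$d/$f")"
    done
    rm -rf "$d"
}
demo
```

The `implied-by-elf` verdict is the case the message is about: no option exists to turn the hybrid code off, so it ships with every ELF-enabled build.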