Date: Mon, 29 Jul 2013 10:12:54 +0200 From: Mateusz Guzik <mjguzik@gmail.com> To: Julian Elischer <julian@freebsd.org> Cc: Gennady Proskurin <gprspb@mail.ru>, freebsd-current@freebsd.org, markj@freebsd.org Subject: Re: ldd runs linux programs Message-ID: <20130729081254.GB32322@dft-labs.eu> In-Reply-To: <51F5D491.1080803@freebsd.org> References: <20130728193110.GB17514@gpr.nnz-home.ru> <20130728204958.GA32322@dft-labs.eu> <51F5D491.1080803@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 29, 2013 at 10:33:53AM +0800, Julian Elischer wrote: > On 7/29/13 4:49 AM, Mateusz Guzik wrote: > >On Sun, Jul 28, 2013 at 11:31:10PM +0400, Gennady Proskurin wrote: > >>Hello. > >>When linux binary is passed to FreeBSD's ldd as argument, this binary is executed. > >>I'm sure this is bug :) > >>(with security involved) > >> > >I have a patch for this, but never got around to commit it. > > > >http://people.freebsd.org/~mjg/patches/ldd-non-freebsd-ignore.diff > > > >If someone wants, go ahead and steal it. > > > For those of us that are not ldd experts, why does this happen, > what's the history and > what happends on Linux? > I vagualy remember that linux may somehow execute something in this > case but my memory is very vague on the topic. right, sorry. Short version is that both FreeBSD and Linux ldd set LD_TRACE_LOADED_OBJECTS environment variable and run the binary expecting runtime linker to act accordingly. However, FreeBSD sets LD*32*_TRACE_LOADED_OBJECTS for 32-bit binaries, thus Linux linker just proceeds with execution. Looks like we have several PRs related to this, notably http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/127276 . and looks like markj (cc-ed) took another PR, someone should clean this up. 127276 suggests running the binary as is (which I don't like) and achieves this with a hacky way. So if we really want to do this, the patch should be reworked to detect Linux binaries properly. In general we should gain linux_ldd (like linux_kdump) and our ldd should work only on FreeBSD binaries. The last part is achieved with my patch. markj, are you working on this? -- Mateusz Guzik <mjguzik gmail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130729081254.GB32322>