From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Virus-Scanned: amavisd-new at velesys.com Date: Wed, 19 Sep 2007 18:20:58 +0300 From: "Kirill A. Shutemov" To: ALT Linux Team development discussions Message-ID: <20070919152057.GA10298@localhost.localdomain> References: <20070913174013.GA6212@localhost.localdomain> <20070913231033.GC3619@basalt.office.altlinux.org> <20070917091229.GB10677@localhost.localdomain> <20070917172128.GB25433@basalt.office.altlinux.org> <20070917173545.GA10916@localhost.localdomain> <20070918214009.GB19447@basalt.office.altlinux.org> <20070919131433.GA373@localhost.localdomain> <20070919131950.GD13831@basalt.office.altlinux.org> <20070919133003.GA26869@localhost.localdomain> <20070919135301.GF13831@basalt.office.altlinux.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HlL+5n6rz5pIUxbD" Content-Disposition: inline In-Reply-To: <20070919135301.GF13831@basalt.office.altlinux.org> X-Operating-System: ALT Linux Sisyphus (20070101) (Kernel 2.6.18-ovz-smp-alt15) User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Re: [devel] kernel-headers-std X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2007 15:20:53 -0000 Archived-At: List-Archive: List-Post: --HlL+5n6rz5pIUxbD Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On [Wed, 19.09.2007 17:53], Dmitry V. Levin wrote: > On Wed, Sep 19, 2007 at 04:30:03PM +0300, Kirill A. Shutemov wrote: > > On [Wed, 19.09.2007 17:19], Dmitry V. Levin wrote: > > > On Wed, Sep 19, 2007 at 04:14:33PM +0300, Kirill A. Shutemov wrote: > [...] > > > > nologin.c: Rewrite without glibc at all (#10729) > > > >=20 > > > > =D0=9D=D0=B5 =D1=81=D0=BE=D0=B2=D1=81=D0=B5=D0=BC =D0=BF=D0=BE=D0= =BD=D1=8F=D1=82=D0=BD=D0=BE =D0=B7=D0=B0=D1=87=D0=B5=D0=BC =D0=B8 =D0=BA=D0= =B0=D0=BA =D1=8D=D1=82=D0=BE =D0=BC=D0=BE=D0=B3=D0=BB=D0=BE =D0=BF=D0=BE=D1= =84=D0=B8=D0=BA=D1=81=D0=B8=D1=82=D1=8C =D0=B1=D0=B0=D0=B3. =D0=9C=D0=BE=D0= =B6=D0=BD=D0=BE =D0=BB=D0=B8 =D0=B2=D0=B5=D1=80=D0=BD=D1=83=D1=82=D1=8C > > > > =D0=BE=D0=B1=D1=80=D0=B0=D1=82=D0=BD=D0=BE glibc? > > >=20 > > > =D0=95=D1=81=D0=BB=D0=B8 =D0=B2=D0=B5=D1=80=D0=BD=D1=83=D1=82=D1=8C = =D0=BE=D0=B1=D1=80=D0=B0=D1=82=D0=BD=D0=BE glibc, =D1=82=D0=BE =D0=B2=D0=B5= =D1=80=D0=BD=D1=91=D1=82=D1=81=D1=8F #10729. > >=20 > > =D0=90 =D1=87=D1=82=D0=BE =D1=8F=D0=B2=D0=BB=D1=8F=D0=B5=D1=82=D1=81=D1= =8F =D0=BF=D1=80=D0=B8=D1=87=D0=B8=D0=BD=D0=BE=D0=B9 =D1=8D=D1=82=D0=BE=D0= =B3=D0=BE =D0=B1=D0=B0=D0=B3=D0=B0? >=20 > =D0=9D=D0=B5=D0=BF=D1=80=D0=B0=D0=B2=D0=B8=D0=BB=D1=8C=D0=BD=D0=B0=D1=8F = =D1=81=D1=82=D0=B0=D1=82=D0=B8=D1=87=D0=B5=D1=81=D0=BA=D0=B0=D1=8F =D0=BB= =D0=B8=D0=BD=D0=BA=D0=BE=D0=B2=D0=BA=D0=B0 =D0=B1=D0=B5=D0=B7 libc. >=20 > =D0=97=D0=B0=D1=87=D0=B5=D0=BC =D0=BD=D1=83=D0=B6=D0=BD=D0=BE =D0=BB=D0= =B8=D0=BD=D0=BA=D0=BE=D0=B2=D0=B0=D1=82=D1=8C nologin =D0=B1=D0=B5=D0=B7 li= bc? =D0=9F=D1=80=D0=B8=D0=B2=D0=B5=D0=B4=D1=83 =D1=86=D0=B8=D1=82=D0=B0=D1= =82=D1=83 (=D0=BB=D0=B5=D0=BD=D1=8C =D0=BF=D0=B5=D1=80=D0=B5=D0=B2=D0=BE=D0= =B4=D0=B8=D1=82=D1=8C): >=20 > "The dynamic linker and libc startup code checks a number of environment > variables, which may seriously alter the behavior of the starting > program - up to execution of arbitrary code (other than that found in > the program). Login services such as telnetd/login and sshd allow for > initial environment variables to be passed from the remote. This has > actually been used to break into systems in the past. >=20 > Now, modern/patched versions of login services use whitelists of > known-safe environment variables - and allow only for those environment > variables to be passed from the remote. >=20 > But we can feel a little bit safer if our disabled accounts' "shells" > would not be subject to this risk at all - and the only currently > practical way to achieve that is to avoid the use of the dynamic linker > and libc." >=20 =D0=92=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BC =D0=B8=D0=B7 =D1=8F=D0=B4=D0=B5= =D1=80=D0=BD=D1=8B=D1=85 =D1=85=D0=B8=D0=B4=D0=B5=D1=80=D0=BE=D0=B2 =D0=BC= =D0=B0=D0=BA=D1=80=D0=BE=D1=81=D1=8B _syscallX =D0=B2=D1=8B=D0=BA=D0=B8=D0= =BD=D1=83=D0=BB=D0=B8, =D0=B7=D0=B0=D0=B2=D0=B5=D1=89=D0=B0=D0=B2 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D1=8C li= bc'=D1=88=D0=BD=D1=8B=D0=B9 syscall(): David Woodhouse: The limited subset of old userland which elected to use _syscallX() instead of libc's syscall(), and which can be fixed fairly easily. http://lkml.org/lkml/2006/8/28/61 libc =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D1= =8C =D0=B2 =D1=8D=D1=82=D0=BE=D0=BC =D1=81=D0=BB=D1=83=D1=87=D0=B0=D0=B5 = =D0=BD=D0=B5=D0=BB=D1=8C=D0=B7=D1=8F. =D0=A7=D1=82=D0=BE =D0=B1=D1=83=D0=B4= =D0=B5=D0=BC =D0=B4=D0=B5=D0=BB=D0=B0=D1=82=D1=8C? --=20 Regards, Kirill A. Shutemov + Belarus, Minsk + Velesys LLC, http://www.velesys.com/ + ALT Linux Team, http://www.altlinux.com/ --HlL+5n6rz5pIUxbD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFG8T5ZbWYnhzC5v6oRAqKwAJ9Y5mJEXb4sgytyT79qlMRz1QgoyACbBSKD OynKl+myAzBWcCFfrktJVIc= =OyL0 -----END PGP SIGNATURE----- --HlL+5n6rz5pIUxbD--