Date: Fri, 25 Sep 2009 13:12:26 +0400
From: "Dmitry V. Levin"
To: "Kirill A. Shutemov"
Cc: Michail Yakushin, ALT Linux Team development discussions, "Konstantin A. Lepikhov"
Subject: Re: [devel] suid binaries and ELF Auxiliary Vectors
Message-ID: <20090925091226.GC21891@wo.int.altlinux.org>
References: <20090925075819.GA12530@lks.home>

On Fri, Sep 25, 2009 at 11:23:47AM +0300, Kirill A. Shutemov wrote:
> On Fri, Sep 25, 2009 at 11:15 AM, Kirill A. Shutemov wrote:
> > 2009/9/25 Konstantin A. Lepikhov:
> >> http://people.redhat.com/drepper/elftut1.ps -
> >
> > Thanks for link.
> >
> >> "The function create_elf_tables is responsible for
> >> creating the user stack which includes creating the auxiliary vector."
> >
> > Yep, I see. It really creates auxv on suid binaries. At least it reaches
> > copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t))
> > But still there is no auxv in userspace. :(
> >
>
> It seems problem is in glibc. When I compiled similar code with
> klibc, it works fine.
>
> Dmitry, could you comment it? Probably, it's security-related
> thing.

What's the point? Every ELF executable gets an auxv, but when glibc
detects that the running process is privileged, it mangles its
environment and, besides all, sets __libc_enable_secure variable to 1.

--
ldv
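As an added illustration of the reply above (not code from the thread, glibc or the kernel): a small C program that scans an auxiliary vector for the entries that describe a privileged exec and, for the live process, reads them through getauxval(). The struct and function names, the sample vectors and the ID-comparison fallback are assumptions of this example.

```c
#include <elf.h>        /* AT_* constants */
#include <stdio.h>
#include <sys/auxv.h>   /* getauxval(), glibc 2.16 or later */

/* One auxv entry as the kernel writes it: two native words. */
struct aux_entry { unsigned long type, val; };

/* Look up `type` in an AT_NULL-terminated vector; returns 1 if present. */
static int aux_lookup(const struct aux_entry *av, unsigned long type,
                      unsigned long *out)
{
    for (; av->type != AT_NULL; av++)
        if (av->type == type) { *out = av->val; return 1; }
    return 0;
}

/* Secure-mode decision. AT_SECURE wins when the kernel supplied it; the
 * real/effective ID comparison is this example's assumed fallback. */
static int aux_secure_mode(const struct aux_entry *av)
{
    unsigned long v = 0, uid = 0, euid = 0, gid = 0, egid = 0;
    if (aux_lookup(av, AT_SECURE, &v))
        return v != 0;
    aux_lookup(av, AT_UID, &uid);  aux_lookup(av, AT_EUID, &euid);
    aux_lookup(av, AT_GID, &gid);  aux_lookup(av, AT_EGID, &egid);
    return uid != euid || gid != egid;
}

/* Constructed sample vectors (not captured from a real process). */
static const struct aux_entry sample_plain[] = {
    {AT_PAGESZ, 4096}, {AT_UID, 500}, {AT_EUID, 500},
    {AT_GID, 500}, {AT_EGID, 500}, {AT_SECURE, 0}, {AT_NULL, 0} };
static const struct aux_entry sample_suid[] = {
    {AT_UID, 500}, {AT_EUID, 0}, {AT_GID, 500}, {AT_EGID, 500},
    {AT_SECURE, 1}, {AT_NULL, 0} };
static const struct aux_entry sample_sgid_no_flag[] = {
    {AT_UID, 500}, {AT_EUID, 500}, {AT_GID, 500}, {AT_EGID, 6},
    {AT_NULL, 0} };

int main(void)
{
    printf("constructed: plain=%d suid=%d sgid_no_flag=%d\n",
           aux_secure_mode(sample_plain), aux_secure_mode(sample_suid),
           aux_secure_mode(sample_sgid_no_flag));
    /* Live process: read libc's copy instead of walking past envp. */
    printf("live: AT_SECURE=%lu AT_UID=%lu AT_EUID=%lu\n",
           getauxval(AT_SECURE), getauxval(AT_UID), getauxval(AT_EUID));
    return 0;
}
```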