* Niels Thykier <ni...@thykier.net>, 2011-12-08, 12:06:
I was informed (and have verified) that hardening-check uses "ldd(1)". Unfortunately, ldd(1) appears to be (semi-)executing the binaries it is run on[1]. This smells like a CVE in the making,
AFAIUI, ldd in our libc is not vulnerable to arbitrary code execution since 2.10.1-7.
The other problem with using ldd is that it won't work for binaries of foreign architecture.
so would it be possible for you to update hardening-check to use readelf instead[2]?
Currently ldd is used to discover which libc the binaries is linked to, in order to read symbol from the libc library. But this won't work, even when using readelf, for foreign architecture binaries, for the simple reason that such libc might not exist on the user's system.
-- Jakub Wilk -- To UNSUBSCRIBE, email to debian-lint-maint-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111208105019.ga2...@jwilk.net