> > > > LD_LIBRARY_PATH, LD_PRELOAD and LD_DEBUG are ignored for setuid > > > > executables > > > > in FreeBSD. > > > > > > But the point being made is that they are not ignored for executables > > > which have no read access. And from there, read access can be gained, > > > because at that point, you have code running in the process's address > > > space. > > > > That's right. In other words, there really is no way of protecting > > executable files from being read if someone is motivated enough. > > > > And, in an open-source OS like FreeBSD, it's not a viable solution in > > any case.... > > The only option, as I've mentined previously in this thread, > that I can think of, would be to have an option when building > various linker code to disable searching in $LD_LIBRARY_PATH if > the library being looked for is in the standard library paths.
Except that's only *one* of the ways. There's still ptrace and /proc, so you'd have to hunt them down as well. However, assuming you've hunted them all down, you may be removing useful functionality from the system that is currently used, so it's not worth it. SEF's solution of doing a 'setuid(getuid());' is a good solution that solves the problems listed, and doesn't require any modifications to the system. Nate To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
