On 25 March 2013 07:01, Kfir Lavi <[email protected]> wrote:
> Hi,
> I'm looking for a way to reduce glibc code size.
> It can be a way to make system smaller and minimize the impact
> of attack vectors in glibc, as in return-to-libc attack.
>
> Let's say I'm deleting the program 'mkdir', and mkdir uses a function
> in glibc that none of the other parts of the system uses.
> Then I want to eliminate this function from glibc. This leads to smaller
> code and if this function is used in some attack scenario, maybe prevent it.
>
> Is there a way to do it?
> Can you help me think how to build a tool like this? or, integrate
> with existing tools.
>
> Thanks,
> Kfir
>
You can use -Os when you compile your packages to reduce the size of the
resulting ELF file.

As for the second part of your question, I am not sure if this is possible.
I haven't thought this through, but assuming you know no other packages
depend on the function you want to remove, you will have to mess with the
ELF file and its plt and other section entries to remove all the references
of that symbol. It's likely you will break the file in the end.

--
Regards,
Markos Chandras - Gentoo Linux Developer
http://dev.gentoo.org/~hwoarang
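An added example, not part of the original thread: the inventory step such a tool would start from, comparing the symbols a library defines in .dynsym with the symbols the remaining binaries import. The names dynsym, removal_candidates and make_elf are hypothetical, and only little-endian ELF64 is handled. The result is an upper bound for review, since symbol versions, dlsym() lookups, calls between the library's own functions and other shared libraries are not examined.

```python
import struct

SHT_DYNSYM = 11            # section type of .dynsym
SYM = "<IBBHQQ"            # Elf64_Sym: name, info, other, shndx, value, size
SHDR = "<IIQQQQIIQQ"       # Elf64_Shdr; index 1=type, 4=offset, 5=size, 6=link

def dynsym(elf):
    """Map each .dynsym name of a little-endian ELF64 image to True if defined."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    (shoff,) = struct.unpack_from("<Q", elf, 0x28)           # e_shoff
    shentsize, shnum = struct.unpack_from("<HH", elf, 0x3A)  # e_shentsize, e_shnum
    secs = [struct.unpack_from(SHDR, elf, shoff + i * shentsize) for i in range(shnum)]
    names = {}
    for sec in secs:
        if sec[1] != SHT_DYNSYM:
            continue
        strtab = secs[sec[6]][4]                 # sh_link points at .dynstr
        for off in range(sec[4], sec[4] + sec[5], struct.calcsize(SYM)):
            st_name, _, _, shndx, _, _ = struct.unpack_from(SYM, elf, off)
            if st_name:                          # skip the reserved null symbol
                start = strtab + st_name
                name = elf[start:elf.index(b"\0", start)].decode()
                names[name] = shndx != 0         # SHN_UNDEF (0) means imported
    return names

def removal_candidates(lib, binaries):
    """Exports of lib that no given binary imports (an upper bound, see lead-in)."""
    exports = {n for n, defined in dynsym(lib).items() if defined}
    imports = {n for b in binaries for n, defined in dynsym(b).items() if not defined}
    return sorted(exports - imports)

def make_elf(symbols):
    """Constructed sample: ELF64 header, .dynstr, .dynsym and 3 section headers."""
    strtab, syms = b"\0", struct.pack(SYM, 0, 0, 0, 0, 0, 0)
    for name, defined in symbols:
        syms += struct.pack(SYM, len(strtab), 0x12, 0, int(defined), 0, 0)
        strtab += name.encode() + b"\0"
    sym_off = 64 + len(strtab)
    hdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 3, 62, 1,
                      0, 0, sym_off + len(syms), 0, 64, 0, 0, 64, 3, 0)
    def shdr(typ, off, size, link, entsize):
        return struct.pack(SHDR, 0, typ, 0, 0, off, size, link, 0, 1, entsize)
    return (hdr + strtab + syms + shdr(0, 0, 0, 0, 0)
            + shdr(3, 64, len(strtab), 0, 0) + shdr(SHT_DYNSYM, sym_off, len(syms), 1, 24))

# Constructed images standing in for libc and for the binaries left on the system.
LIBC = make_elf([("mkdir", True), ("open", True), ("write", True)])
CAT = make_elf([("open", False), ("write", False)])
```

With the constructed images, removal_candidates(LIBC, [CAT]) reports only mkdir, matching the scenario in the question where the mkdir program has been deleted.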
