Hi,

>at first sight I'm not a huge fan of that. LD_PRELOAD and setuid stuff is
>always a bit tricky, because abusing setuid files (and libraries here) might
>mean privilege escalation. A lot of attacks in the past just abused setuid
>binaries to do bad stuff in order to gain root privilege.

that’s unfortunately true.

>I'm unsure if and how it can be used with eatmydata, but considering the

Not sure, I’d think not?

>Maybe Aurelien and Florian (on team@ but CC:ed just in case) have some input
>on this too? It might be worth asking opinions on oss-sec as well.

OK. Can you do the oss-sec part? I don’t know about it.


That means we’re not setting precedent here with eatmydata. Then let
me please immediately add another preloadable library (not yet finished)
to the question scope. (Sorry Mattia.)

The other library (codename xunihex) is LD_PRELOADable in order to
implement an X11 IME (input method) using the same-process method.
Well, really only part of it… in fact, all it does is extend the
“default” IME (the one handling things like the Compose key with
user-configurable sequences) by Ctrl-Shift-u… handling like found
in the UIM IME (used by Gtk+ applications). It does this by wrapping
functions like _XimLocalFilter that are part of the standard XFree86
IME implementation used by X.org, using RTLD_NEXT.

That means that, yes, it catches keystrokes, but, again, it only
applies when manually invoked (by adding to LD_PRELOAD), and to
catch X11 keystrokes, easier methods like XGrabKey or the record
extension exist.

Perhaps, if it’s best to consider these LD_PRELOADable libraries
that could benefit from the glibc suid bit case-by-case, this can
be “preapproved”?

Thanks in advance,
//mirabilos
-- 
15:39⎜«mika:#grml» mira|AO: "with XFree86® that wouldn’t have happened" - muhaha
15:48⎜<thkoehler:#grml> so why do the xorg guys actually break
everything? :)    15:49⎜<novoid:#grml> thkoehler: because as children they were
never allowed to knock over the tower they built?      -- ~/.Xmodmap wonders…
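
The "glibc suid bit" case raised in this message refers to the rule documented in ld.so(8): in secure-execution mode, LD_PRELOAD entries containing a slash are ignored, and the rest are loaded only from the standard search directories and only if the library file has the set-user-ID mode bit. The following is an added audit example, not part of the original message or of glibc; it is a simplified model of that rule, and `TRUSTED_DIRS` and the function names are assumptions.

```python
import os
import re
import stat

# Assumption: example trusted directories. The real list is compiled into the
# dynamic linker and differs per distribution (e.g. Debian multiarch paths).
TRUSTED_DIRS = ("/lib", "/usr/lib")


def has_setuid_bit(path):
    """True/False for an existing path (regular file with the bit), None if absent."""
    try:
        mode = os.stat(path).st_mode
    except OSError:
        return None  # missing or unreadable
    return stat.S_ISREG(mode) and bool(mode & stat.S_ISUID)


def classify_preload(ld_preload, trusted_dirs=TRUSTED_DIRS):
    """Simplified model of the secure-execution LD_PRELOAD rule in ld.so(8).

    Returns (entry, path_or_None, verdict) for every entry in the variable.
    """
    results = []
    for entry in filter(None, re.split(r"[: ]+", ld_preload)):  # colon/space list
        if "/" in entry:
            results.append((entry, None, "ignored: contains a slash"))
            continue
        states = {d: has_setuid_bit(os.path.join(d, entry)) for d in trusted_dirs}
        hit = next((d for d, ok in states.items() if ok), None)
        if hit is not None:
            results.append((entry, os.path.join(hit, entry), "honoured: set-user-ID bit set"))
        elif any(ok is False for ok in states.values()):
            results.append((entry, None, "ignored: no set-user-ID bit"))
        else:
            results.append((entry, None, "ignored: not in a trusted directory"))
    return results


def setuid_libraries(trusted_dirs=TRUSTED_DIRS):
    """Audit helper: shared objects in the trusted directories with the bit set."""
    found = []
    for d in trusted_dirs:
        if os.path.isdir(d):
            found += [os.path.join(d, n) for n in sorted(os.listdir(d))
                      if ".so" in n and has_setuid_bit(os.path.join(d, n))]
    return found


if __name__ == "__main__":
    for row in classify_preload(os.environ.get("LD_PRELOAD", "")):
        print(*row)
    print("setuid libraries:", setuid_libraries())
```

Run on a host, `setuid_libraries()` gives the set of libraries that any user can have preloaded into set-user-ID programs, which is the list a case-by-case review would need to cover.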
