http://packetstorm.linuxsecurity.com/filedesc/injectso-0.2.1.tar.html
describes injectso, "a tool that can be used to inject shared libraries
into running processes on Linux (x86/IA32 and Sparc)...".
Maybe I misunderstand, but might it not be also possible to use this to
inject replacements for shared libraries too?
I wonder if this or something like it could be used for libc6, zlib... and
other shared library upgrades. I'm not sure if it works or if it could be
used for this kind of purpose. I remember a restart of certain services
was done in an older libc upgrade (I believe libc6 between potato and
woody).
I bring this up because recently there was some concern about glibc
security updates not restarting programs which would leave them vulnerable
until restart.
Should I bring this to the attention of the glibc maintainer(s)? Perhaps a
wishlist bug?
Drew Daniels
