On Tue, Dec 3, 2013, at 9:50, Markus Teich wrote: > Mihail Zenkov wrote: > > ldd /usr/bin/gimp-2.8 > > Heyho, > > http://www.catonmat.net/blog/ldd-arbitrary-code-execution/
Considering that he probably _actually_ executes the very same gimp-2.8 binary all the time, your concern is misplaced. This attack is highly situational, requiring the attacker to cause someone to encounter a binary that they would not otherwise execute and to be curious about what libraries it uses. "Don't run ldd on an unknown binary you wouldn't execute" becomes "don't run ldd ever on anything" - the cargo cult at its finest. I propose not allowing untrusted binaries to be placed in /usr/bin in the first place.
